CVE-2014-125054

Опубликовано: 07 янв. 2023

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

A vulnerability classified as critical was found in koroket RedditOnRails. This vulnerability affects unknown code of the component Vote Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The patch is identified as 7f3c7407d95d532fcc342b00d68d0ea09ca71030. It is recommended to apply a patch to fix this issue. VDB-217594 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/koroket/RedditOnRails/commit/7f3c7407d95d532fcc342b00d68d0ea09ca71030
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217594
Third Party Advisory
VDB Entry
https://vuldb.com/?id.217594
Third Party Advisory
VDB Entry
https://github.com/koroket/RedditOnRails/commit/7f3c7407d95d532fcc342b00d68d0ea09ca71030
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217594
Third Party Advisory
VDB Entry
https://vuldb.com/?id.217594
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:reddit-on-rails_project:reddit-on-rails:*:*:*:*:*:ruby:*:*

Версия до 2014-12-19 (исключая)

EPSS

Процентиль: 60%

0.00405

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-6mjm-3w8w-26jh