Description
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
References
- Mailing List, Patch, Third Party Advisory
- Permissions Required, Third Party Advisory
- Mailing List, Patch, Third Party Advisory
- Permissions Required, Third Party Advisory
Vulnerable configurations
EPSS
CVSS3: 6.5 Medium
CVSS2: 4 Medium
Weaknesses
Related vulnerabilities
Untrusted users can run pending migrations in production in Rails
A vulnerability in the Ruby on Rails software platform, related to improper authorization, that allows an attacker to cause a denial of service