CVE-2023-28120

Опубликовано: 09 янв. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.

EPSS

Процентиль: 44%

0.00214

Низкий

5.3 Medium

CVSS3

CWE-79

CVE-2023-28120

CVSS3: 5.3

ubuntu

около 1 года назад

There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.

CVE-2023-28120

CVSS3: 6.1

redhat

почти 3 года назад

There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.

CVE-2023-28120

CVSS3: 5.3

debian

около 1 года назад

There is a vulnerability in ActiveSupport if the new bytesplice method ...

GHSA-pj73-v5mw-pm9j

CVSS3: 5.3

github

почти 3 года назад

Possible XSS Security Vulnerability in SafeBuffer#bytesplice

SUSE-SU-2023:2304-1

suse-cvrf

больше 2 лет назад

Security update for rmt-server

EPSS

Процентиль: 44%

0.00214

Низкий

5.3 Medium

CVSS3

CWE-79