Описание
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.2-1ubuntu0.1 |
| devel | not-affected | |
| edgy | not-affected | |
| feisty | not-affected | |
| gutsy | not-affected | |
| upstream | released | 1.1.5 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 85%
0.0288
Низкий
7.5 High
CVSS2
Связанные уязвимости
nvd
больше 19 лет назад
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.
debian
больше 19 лет назад
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby cod ...
EPSS
Процентиль: 85%
0.0288
Низкий
7.5 High
CVSS2