exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

BDU:2019-00439

больше 7 лет назад

Уязвимость механизма защиты «rack-protection» фреймворка Sinatra для разработки веб-приложений на языке программирования Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

CVSS3: 5.9

EPSS: Низкий

CVE-2018-1000119

больше 7 лет назад

Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

CVSS3: 5.9

EPSS: Низкий

CVE-2018-1000119

больше 10 лет назад

Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

CVSS3: 3.7

EPSS: Низкий

CVE-2018-1000119

больше 7 лет назад

Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.

CVSS3: 5.9

EPSS: Низкий

CVE-2018-1000119

больше 7 лет назад

Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier conta ...

CVSS3: 5.9

EPSS: Низкий

GHSA-688c-3x49-6rqj

больше 7 лет назад

rack-protection gem timing attack vulnerability when validating CSRF token

CVSS3: 5.9

EPSS: Низкий

ELSA-2018-1060

больше 7 лет назад

ELSA-2018-1060: pcs security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2019-00439 Уязвимость механизма защиты «rack-protection» фреймворка Sinatra для разработки веб-приложений на языке программирования Ruby, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации	CVSS3: 5.9	0% Низкий	больше 7 лет назад
CVE-2018-1000119 Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.	CVSS3: 5.9	0% Низкий	больше 7 лет назад
CVE-2018-1000119 Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.	CVSS3: 3.7	0% Низкий	больше 10 лет назад
CVE-2018-1000119 Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.	CVSS3: 5.9	0% Низкий	больше 7 лет назад
CVE-2018-1000119 Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier conta ...	CVSS3: 5.9	0% Низкий	больше 7 лет назад
GHSA-688c-3x49-6rqj rack-protection gem timing attack vulnerability when validating CSRF token	CVSS3: 5.9	0% Низкий	больше 7 лет назад
ELSA-2018-1060 ELSA-2018-1060: pcs security update (IMPORTANT)			больше 7 лет назад

Уязвимостей на страницу