Count: 3
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2017-7540 rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation. | CVSS3: 7.5 | 0% Low | more than 8 years ago |
| CVE-2017-7540 rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation. | CVSS3: 9.8 | 0% Low | more than 8 years ago |
| GHSA-5vx5-9q73-wgp4 Safemode Gem Has Incomplete List of Disallowed Inputs | CVSS3: 9.8 | 0% Low | more than 8 years ago |