exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2012-3424

больше 13 лет назад

The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method. There is a DoS vulnerability in Action Pack digest authentication handling in Rails.

CVSS2: 5

EPSS: Низкий

CVE-2012-3424

больше 13 лет назад

The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.

CVSS2: 4.3

EPSS: Низкий

CVE-2012-3424

больше 13 лет назад

The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.

CVSS2: 5

EPSS: Низкий

CVE-2012-3424

больше 13 лет назад

The decode_credentials method in actionpack/lib/action_controller/meta ...

CVSS2: 5

EPSS: Низкий

GHSA-92w9-2pqw-rhjj

больше 8 лет назад

actionpack Improper Authentication vulnerability

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2012-3424 The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method. There is a DoS vulnerability in Action Pack digest authentication handling in Rails.	CVSS2: 5	1% Низкий	больше 13 лет назад
CVE-2012-3424 The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.	CVSS2: 4.3	1% Низкий	больше 13 лет назад
CVE-2012-3424 The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.	CVSS2: 5	1% Низкий	больше 13 лет назад
CVE-2012-3424 The decode_credentials method in actionpack/lib/action_controller/meta ...	CVSS2: 5	1% Низкий	больше 13 лет назад
GHSA-92w9-2pqw-rhjj actionpack Improper Authentication vulnerability		1% Низкий	больше 8 лет назад

Уязвимостей на страницу