exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2013-1800

почти 13 лет назад

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.

CVSS2: 7.5

EPSS: Низкий

CVE-2013-1800

около 13 лет назад

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.

CVSS2: 7.5

EPSS: Низкий

CVE-2013-1800

почти 13 лет назад

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.

CVSS2: 7.5

EPSS: Низкий

CVE-2013-1800

почти 13 лет назад

The crack gem 0.3.1 and earlier for Ruby does not properly restrict ca ...

CVSS2: 7.5

EPSS: Низкий

GHSA-m7fq-cf8q-35q7

больше 8 лет назад

crack does not properly restrict casts of string values

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2013-1800 The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.	CVSS2: 7.5	2% Низкий	почти 13 лет назад
CVE-2013-1800 The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.	CVSS2: 7.5	2% Низкий	около 13 лет назад
CVE-2013-1800 The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.	CVSS2: 7.5	2% Низкий	почти 13 лет назад
CVE-2013-1800 The crack gem 0.3.1 and earlier for Ruby does not properly restrict ca ...	CVSS2: 7.5	2% Низкий	почти 13 лет назад
GHSA-m7fq-cf8q-35q7 crack does not properly restrict casts of string values		2% Низкий	больше 8 лет назад

Уязвимостей на страницу