Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2013-0333
Beschreibung:lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication via crafted data that triggers unsafe decoding, a different vulnerability than CVE-2013-0156.
Test Kennungen:  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2013-0333
CERT/CC vulnerability note: VU#628463
Debian Security Information: DSA-2613 (Google Search)
RedHat Security Advisories: RHSA-2013:0201
RedHat Security Advisories: RHSA-2013:0202
RedHat Security Advisories: RHSA-2013:0203

© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.