Sha256: 01d5669c723ded5cc7e34045fadb85e0cbb60960a8a942c7f0017426bf350c79

Contents?: true

Size: 423 Bytes

Versions: 6

Compression:

Stored size: 423 Bytes

Contents

---
gem: auto_select2
osvdb: 132800
url: https://github.com/Loriowar/auto_select2/issues/4
title: |
  auto_select2 Gem for Ruby allows arbitrary search execution
date: 2016-01-08
description: |
  auto_select2 Gem for Ruby contains a flaw that is triggered when handling the
  'params[:default_class_name]' option. This allows users to search any object
  of all given ActiveRecord classes.
patched_versions:
  - ">= 0.5.0"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/auto_select2/OSVDB-132800.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/auto_select2/OSVDB-132800.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/auto_select2/OSVDB-132800.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/auto_select2/OSVDB-132800.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/auto_select2/OSVDB-132800.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/auto_select2/OSVDB-132800.yml