Sha256: 7ef12045ae81abe14fdd3235636aa6f54fcfa5b791cf293bc271755cb1a0f8cb

Contents?: true

Size: 527 Bytes

Versions: 5

Compression:

Stored size: 527 Bytes

Contents

---
gem: fat_free_crm
osvdb: 101447
cve: 2013-7224
url: http://osvdb.org/show/osvdb/101447
title: Fat Free CRM Gem for Ruby allows remote attackers to obtain
  sensitive informations
date: 2013-12-24
description: |
  Fat Free CRM contains a flaw in user controllers that is triggered as JSON
  requests are rendered with a full JSON object. This may allow a remote
  attacker to gain access to potentially sensitive information e.g. other
  users password hashes.
cvss_v2: 5.0
patched_versions:
  - ">= 0.13.0"
  - "~> 0.12.1"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/fat_free_crm/OSVDB-101447.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/fat_free_crm/OSVDB-101447.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/fat_free_crm/OSVDB-101447.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/fat_free_crm/OSVDB-101447.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/fat_free_crm/OSVDB-101447.yml