Sha256: a5d646758e8c41a64aaedc05eda19305b5cbd5eab9a9e9c92d4baebd0d607801

Contents?: true

Size: 431 Bytes

Versions: 6

Compression:

Stored size: 431 Bytes

Contents

---
gem: spree
cve: 2008-7310
osvdb: 81505
url: https://spreecommerce.com/blog/security-vulnerability-mass-assignment
title: |
  Spree Hash Restriction Weakness URL Parsing Order State Value Manipulation
date: 2008-09-22
description: |
  Spree contains a hash restriction weakness that occurs when parsing a
  modified URL. This may allow an attacker to manipulate order state values.
cvss_v2: 5.0
patched_versions:
  - ">= 0.3.0"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/spree/OSVDB-81505.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/spree/OSVDB-81505.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/spree/OSVDB-81505.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/spree/OSVDB-81505.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/spree/OSVDB-81505.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/spree/OSVDB-81505.yml