Sha256: a95c226f253d116687426e9bf842eabb8bef5f2610ead78f6e6db57218de5d64

Contents?: true

Size: 571 Bytes

Versions: 9

Compression:

Stored size: 571 Bytes

Contents

--- 
gem: activerecord
framework: rails
cve: 2013-0276
osvdb: 90072
url: http://direct.osvdb.org/show/osvdb/90072
title: Ruby on Rails Active Record attr_protected Method Bypass
date: 2013-02-11

description: |
  Ruby on Rails contains a flaw in the attr_protected method of the
  Active Record. The issue is triggered during the handling of a specially
  crafted request, which may allow a remote attacker to bypass protection
  mechanisms and alter values that would otherwise be protected.

cvss_v2: 5.0

patched_versions: 
  - ~> 2.3.17
  - ~> 3.1.11
  - ">= 3.2.12"

Version data entries

9 entries across 9 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
mrjoy-bundler-audit-0.3.2 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
mrjoy-bundler-audit-0.3.1 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
bundler-audit-0.3.0 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
mrjoy-bundler-audit-0.2.1 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
bundler-audit-0.2.0 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml
mrjoy-bundler-audit-0.1.4 data/ruby-advisory-db/gems/activerecord/OSVDB-90072.yml