Skip to main content
CVE-2013-0156 HIGH POC PATCH THREAT Act Now

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 91.9%.

Denial Of Service RCE Rails Ruby On Rails Debian Linux
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
91.9%
Threat
5.8

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy