Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-0276HistoryFeb 13, 2013 - 1:55 a.m.
CVE-2013-0276
2013-02-1301:55:05
Debian Security Bug Tracker
security-tracker.debian.org
19
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.009 Low
EPSS
Percentile
83.0%
ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
| Debian | 11 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
| Debian | 999 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
| Debian | 13 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-activemodel-3.2.8-2.fc18
2013-02-21 05:37:58
[SECURITY] Fedora 17 Update: rubygem-activemodel-3.0.11-3.fc17
2013-02-21 05:38:11
gitlab
gitlab
Circumvention of attr_protected
2013-02-12 00:00:00
Circumvention of attr_protected
2013-02-12 00:00:00
seebug
seebug
Ruby on Rails 远程安全绕过漏洞(CVE-2013-0276)
2013-03-07 00:00:00
openvas
openvas
Fedora Update for rubygem-activemodel FEDORA-2013-2398
2013-02-22 00:00:00
Fedora Update for rubygem-activemodel FEDORA-2013-2398
2013-02-22 00:00:00
Debian Security Advisory DSA 2620-1 (rails - several vulnerabilities)
2013-02-12 00:00:00
github
github
ActiveRecord vulnerable to modification of protected model attributes
2017-10-24 18:33:37
nvd
nvd
CVE-2013-0276
2013-02-13 01:55:05
osv
osv
ActiveRecord vulnerable to modification of protected model attributes
2017-10-24 18:33:37
rails - several
2013-02-12 00:00:00
nessus
nessus
Fedora 17 : rubygem-activemodel-3.0.11-3.fc17 (2013-2391)
2013-02-21 00:00:00
FreeBSD : Ruby Activemodel Gem -- Circumvention of attr_protected (beab40bf-c1ca-4d2b-ad46-2f14bac8a968)
2013-02-18 00:00:00
Fedora 18 : rubygem-activemodel-3.2.8-2.fc18 (2013-2398)
2013-02-21 00:00:00
cvelist
cvelist
CVE-2013-0276
2013-02-13 01:00:00
freebsd
freebsd
Ruby Activemodel Gem -- Circumvention of attr_protected
2013-02-11 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-02-13 01:55:00
cve
cve
CVE-2013-0276
2013-02-13 01:55:05
ubuntucve
ubuntucve
CVE-2013-0276
2013-02-13 00:00:00
rubygems
rubygems
securityvulns
securityvulns
[SECURITY] [DSA 2620-1] rails security update
2013-02-18 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-02-18 00:00:00
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00
debian
debian
[SECURITY] [DSA 2620-1] rails security update
2013-02-12 21:09:50
threatpost
threatpost
Ruby on Rails Patches DoS, Remote Execution Flaws
2013-02-13 17:51:57
suse
suse
Security update for Ruby On Rails (important)
2013-03-19 18:04:46
Security update for Ruby on Rails (important)
2013-04-03 20:06:19
veracode
veracode
Input Validation Bypass
2019-05-02 04:44:16
Arbitrary Code Execution
2019-05-02 04:44:25
redhat
redhat
(RHSA-2013:0686) Moderate: Subscription Asset Manager 1.2.1 update
2013-03-26 00:00:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.009 Low
EPSS
Percentile
83.0%
Related for DEBIANCVE:CVE-2013-0276