Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:14583
HistoryMay 02, 2019 - 4:53 a.m.

Authorization Bypass

2019-05-0204:53:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.004 Low

EPSS

Percentile

74.7%

JSON

ruby is vulnerable to authorization bypass. A remote attacker can bypass safe-level restrictions and use Exception#to_s to destructively modify an untainted string so that it is tainted, the string can then be arbitrarily modified.

References

Related

freebsd 1
nessus 16
ubuntu 4
fedora 8
cvelist 2
openvas 26
amazon 1
securityvulns 2
ubuntucve 2
nvd 2
cve 2
seebug 1
prion 2
rubygems 1
redhat 1
freebsd
freebsd
ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s
2012-08-21 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : ruby1.9.1 vulnerabilities (USN-1602-1)
2012-10-11 00:00:00
Fedora 17 : ruby-1.9.3.194-17.fc17 (2012-15395)
2012-10-15 00:00:00
FreeBSD : ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s (2a093853-2495-11e2-b0c7-000d601460a4)
2012-11-02 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2012-10-10 00:00:00
Ruby vulnerabilities
2012-10-10 00:00:00
Ruby vulnerabilities
2012-10-23 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: ruby-1.9.3.194-18.fc18
2012-10-09 00:29:34
[SECURITY] Fedora 17 Update: ruby-1.9.3.194-17.fc17
2012-10-14 03:50:48
[SECURITY] Fedora 17 Update: ruby-1.9.3.286-18.fc17
2012-10-22 01:59:29
cvelist
cvelist
CVE-2012-4466
2013-04-25 23:00:00
CVE-2012-4464
2013-04-25 23:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1603-2)
2012-10-31 00:00:00
Ubuntu Update for ruby1.9.1 USN-1602-1
2012-10-11 00:00:00
Ubuntu Update for ruby1.8 USN-1603-2
2012-10-31 00:00:00
amazon
amazon
Medium: ruby
2012-10-23 10:43:00
securityvulns
securityvulns
[USN-1603-1] Ruby vulnerabilities
2012-10-15 00:00:00
Ruby restrictions bypass
2012-10-15 00:00:00
ubuntucve
ubuntucve
CVE-2012-4466
2012-10-03 00:00:00
CVE-2012-4464
2012-10-03 00:00:00
nvd
nvd
CVE-2012-4466
2013-04-25 23:55:01
CVE-2012-4464
2013-04-25 23:55:01
cve
cve
CVE-2012-4466
2013-04-25 23:55:01
CVE-2012-4464
2013-04-25 23:55:01
seebug
seebug
Ruby 安全级别限制绕过漏洞(CVE-2012-4466)
2013-04-28 00:00:00
prion
prion
Code injection
2013-04-25 23:55:00
Design/Logic Flaw
2013-04-25 23:55:00
rubygems
rubygems
Ruby Exception#to_s / NameError#to_s Methods Safe Level Security Bypass
2012-10-11 20:00:00
redhat
redhat
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00

0.004 Low

EPSS

Percentile

74.7%

JSON
Related for VERACODE:14583
freebsd1nessus16ubuntu4fedora8cvelist2openvas26amazon1securityvulns2ubuntucve2nvd2cve2seebug1prion2rubygems1redhat1