CVE-2013-0277
13.02.2013, 01:55
ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.Enginsight
| Vendor | Product | Version |
|---|---|---|
| rubyonrails | rails | 3.0.0 |
| rubyonrails | rails | 3.0.0:beta |
| rubyonrails | rails | 3.0.0:beta2 |
| rubyonrails | rails | 3.0.0:beta3 |
| rubyonrails | rails | 3.0.0:beta4 |
| rubyonrails | rails | 3.0.0:rc |
| rubyonrails | rails | 3.0.0:rc2 |
| rubyonrails | rails | 3.0.1 |
| rubyonrails | rails | 3.0.1:pre |
| rubyonrails | rails | 3.0.2 |
| rubyonrails | rails | 3.0.2:pre |
| rubyonrails | rails | 3.0.3 |
| rubyonrails | rails | 3.0.4:rc1 |
| rubyonrails | rails | 3.0.5 |
| rubyonrails | rails | 3.0.5:rc1 |
| rubyonrails | rails | 3.0.6 |
| rubyonrails | rails | 3.0.6:rc1 |
| rubyonrails | rails | 3.0.6:rc2 |
| rubyonrails | rails | 3.0.7 |
| rubyonrails | rails | 3.0.7:rc1 |
| rubyonrails | rails | 3.0.7:rc2 |
| rubyonrails | rails | 3.0.8 |
| rubyonrails | rails | 3.0.8:rc1 |
| rubyonrails | rails | 3.0.8:rc2 |
| rubyonrails | rails | 3.0.8:rc3 |
| rubyonrails | rails | 3.0.8:rc4 |
| rubyonrails | rails | 3.0.9 |
| rubyonrails | rails | 3.0.9:rc1 |
| rubyonrails | rails | 3.0.9:rc2 |
| rubyonrails | rails | 3.0.9:rc3 |
| rubyonrails | rails | 3.0.9:rc4 |
| rubyonrails | rails | 3.0.9:rc5 |
| rubyonrails | rails | 3.0.10 |
| rubyonrails | rails | 3.0.10:rc1 |
| rubyonrails | rails | 3.0.11 |
| rubyonrails | rails | 3.0.12 |
| rubyonrails | rails | 3.0.12:rc1 |
| rubyonrails | rails | 3.0.13 |
| rubyonrails | rails | 3.0.13:rc1 |
| rubyonrails | rails | 3.0.14 |
| rubyonrails | rails | 3.0.16 |
| rubyonrails | rails | 3.0.17 |
| rubyonrails | rails | 3.0.18 |
| rubyonrails | rails | 3.0.19 |
| rubyonrails | rails | 3.0.20 |
| rubyonrails | ruby_on_rails | 3.0.4 |
| rubyonrails | rails | 2.3.0 |
| rubyonrails | rails | 2.3.1 |
| rubyonrails | rails | 2.3.2 |
| rubyonrails | rails | 2.3.3 |
| rubyonrails | rails | 2.3.4 |
| rubyonrails | rails | 2.3.9 |
| rubyonrails | rails | 2.3.10 |
| rubyonrails | rails | 2.3.11 |
| rubyonrails | rails | 2.3.12 |
| rubyonrails | rails | 2.3.13 |
| rubyonrails | rails | 2.3.14 |
| rubyonrails | rails | 2.3.15 |
| rubyonrails | rails | 2.3.16 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| rails |
| ||||||||||||||||||||||||||||
| ruby-activerecord-2.3 |
| ||||||||||||||||||||||||||||
| ruby-activerecord-3.2 |
|