CVE-2013-0156 (retired)

Priority
Description
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15,
3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not
properly restrict casts of string values, which allows remote attackers to
conduct object-injection attacks and execute arbitrary code, or cause a
denial of service (memory and CPU consumption) involving nested XML entity
references, by leveraging Action Pack support for (1) YAML type conversion
or (2) Symbol type conversion.
Notes
 mdeslaur> in Oneiric+, rails package is just for transition
 jdstrand> authentication bypass actively being exploited
 jdstrand> per Debian, on Ubuntu 11.10+, vulnerability is in ruby-activesupport* for rails
Package
Upstream: needs-triage
Package
Source: rails
Upstream: needs-triage
Patches:
Vendor: http://www.debian.org/security/2013/dsa-2604
Package
Upstream: released (2.3.14-5)
Package
Upstream: released (3.2.6-5)
Package
Upstream: released (0.9.15-3)
More Information

Updated: 2019-08-23 08:52:00 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)