A vulnerability, which was classified as problematic, has been found in actionpack Gem up to 5.2.4.5/5.2.5/6.0.3.6/6.1.3.1 on Ruby (Ruby Gem). Affected by this issue is the function authenticate_or_request_with_http_token/authenticate_with_http_token of the component Action Controller. Upgrading to version 5.2.4.6, 5.2.6, 6.0.3.7 or 6.1.3.2 eliminates this vulnerability.
actionpack Gem up to 5.2.4.5/5.2.5/6.0.3.6/6.1.3.1 on Ruby Action Controller resource consumption
- Virtual Patching
- June 12, 2021
- 3:56 am
- Virtual Patching
- June 12, 2021
- 3:56 am
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2024-20418 : CISCO IOS XE CONTROLLER WEB-BASED MANAGEMENT INTERFACE COMMAND INJECTION
Description A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB)
CVE-2024-20536 : CISCO DATA CENTER NETWORK MANAGER 12.1.2E/12.1.2P/12.1.3B WEB-BASED MANAGEMENT INTERFACE/REST API ENDPOINT SQL INJECTION
Description A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could
CVE-2024-50340 : SYMFONY INJECTION
Description symfony/runtime is a module for the Symphony PHP framework which enables decoupling PHP applications from global state. When the