

GSD-2013-0156

Vulnerability from gsd - Updated: 2013-01-08 00:00
Details
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
Aliases

{
  "GSD": {
    "alias": "CVE-2013-0156",
    "description": "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.",
    "id": "GSD-2013-0156",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-0156.html",
      "https://www.debian.org/security/2013/dsa-2604",
      "https://access.redhat.com/errata/RHSA-2013:0155",
      "https://access.redhat.com/errata/RHSA-2013:0154",
      "https://access.redhat.com/errata/RHSA-2013:0153",
      "https://packetstormsecurity.com/files/cve/CVE-2013-0156"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "actionpack",
            "purl": "pkg:gem/actionpack"
          }
        }
      ],
      "aliases": [
        "CVE-2013-0156",
        "OSVDB-89026"
      ],
      "details": "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.",
      "id": "GSD-2013-0156",
      "modified": "2013-01-08T00:00:00.000Z",
      "published": "2013-01-08T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0156"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": 10.0,
          "type": "CVSS_V2"
        }
      ],
      "summary": "CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-0156",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html"
          },
          {
            "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A",
            "refsource": "MISC",
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2013-0153.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0153.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2013-0154.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2013-0155.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0155.html"
          },
          {
            "name": "http://weblog.rubyonrails.org/2013/1/28/Rails-3-0-20-and-2-3-16-have-been-released/",
            "refsource": "MISC",
            "url": "http://weblog.rubyonrails.org/2013/1/28/Rails-3-0-20-and-2-3-16-have-been-released/"
          },
          {
            "name": "http://www.debian.org/security/2013/dsa-2604",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2013/dsa-2604"
          },
          {
            "name": "http://www.fujitsu.com/global/support/software/security/products-f/sw-sv-rcve-ror201301e.html",
            "refsource": "MISC",
            "url": "http://www.fujitsu.com/global/support/software/security/products-f/sw-sv-rcve-ror201301e.html"
          },
          {
            "name": "http://www.insinuator.net/2013/01/rails-yaml/",
            "refsource": "MISC",
            "url": "http://www.insinuator.net/2013/01/rails-yaml/"
          },
          {
            "name": "http://www.kb.cert.org/vuls/id/380039",
            "refsource": "MISC",
            "url": "http://www.kb.cert.org/vuls/id/380039"
          },
          {
            "name": "http://www.kb.cert.org/vuls/id/628463",
            "refsource": "MISC",
            "url": "http://www.kb.cert.org/vuls/id/628463"
          },
          {
            "name": "https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156",
            "refsource": "MISC",
            "url": "https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156"
          },
          {
            "name": "https://groups.google.com/group/rubyonrails-security/msg/c1432d0f8c70e89d?dmode=source\u0026output=gplain",
            "refsource": "MISC",
            "url": "https://groups.google.com/group/rubyonrails-security/msg/c1432d0f8c70e89d?dmode=source\u0026output=gplain"
          },
          {
            "name": "https://puppet.com/security/cve/cve-2013-0156",
            "refsource": "MISC",
            "url": "https://puppet.com/security/cve/cve-2013-0156"
          }
        ]
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2013-0156",
      "cvss_v2": 10.0,
      "date": "2013-01-08",
      "description": "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.",
      "framework": "rails",
      "gem": "actionpack",
      "osvdb": 89026,
      "patched_versions": [
        "~\u003e 2.3.15",
        "~\u003e 3.0.19",
        "~\u003e 3.1.10",
        "\u003e= 3.2.11"
      ],
      "title": "CVE-2013-0156 rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0156"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.3.15 || \u003e=2.4.0 \u003c3.0.19 || \u003e=3.1.0 \u003c3.1.10 || \u003e=3.2.0 \u003c3.2.11",
          "affected_versions": "All versions before 2.3.15, all versions starting from 2.4.0 before 3.0.19, all versions starting from 3.1.0 before 3.1.10, all versions starting from 3.2.0 before 3.2.11",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2019-08-08",
          "description": "There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application.",
          "fixed_versions": [
            "2.3.15",
            "3.0.19",
            "3.1.10",
            "3.2.11"
          ],
          "identifier": "CVE-2013-0156",
          "identifiers": [
            "CVE-2013-0156"
          ],
          "not_impacted": "NONE",
          "package_slug": "gem/actionpack",
          "pubdate": "2013-01-13",
          "solution": "Upgrade, patches and workarounds available (see source)",
          "title": "Multiple vulnerabilities in parameter parsing in Action Pack",
          "urls": [
            "https://groups.google.com/forum/?fromgroups=#!searchin/rubyonrails-security/2013-0156/rubyonrails-security/61bkgvnSGTQ/nehwjA8tQ8EJ"
          ],
          "uuid": "5fdd47c5-2205-437c-9b44-628b4ea74789"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.0.19",
                "versionStartIncluding": "3.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1.10",
                "versionStartIncluding": "3.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.3.15",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.2.11",
                "versionStartIncluding": "3.2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-0156"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[rubyonrails-security] 20130108 Multiple vulnerabilities in parameter parsing in Action Pack (CVE-2013-0156)",
              "refsource": "MLIST",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://groups.google.com/group/rubyonrails-security/msg/c1432d0f8c70e89d?dmode=source\u0026output=gplain"
            },
            {
              "name": "DSA-2604",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2013/dsa-2604"
            },
            {
              "name": "RHSA-2013:0154",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
            },
            {
              "name": "VU#628463",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/628463"
            },
            {
              "name": "RHSA-2013:0155",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0155.html"
            },
            {
              "name": "http://www.insinuator.net/2013/01/rails-yaml/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.insinuator.net/2013/01/rails-yaml/"
            },
            {
              "name": "https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156"
            },
            {
              "name": "http://weblog.rubyonrails.org/2013/1/28/Rails-3-0-20-and-2-3-16-have-been-released/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://weblog.rubyonrails.org/2013/1/28/Rails-3-0-20-and-2-3-16-have-been-released/"
            },
            {
              "name": "VU#380039",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/380039"
            },
            {
              "name": "RHSA-2013:0153",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0153.html"
            },
            {
              "name": "APPLE-SA-2013-03-14-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html"
            },
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-036-01A"
            },
            {
              "name": "http://www.fujitsu.com/global/support/software/security/products-f/sw-sv-rcve-ror201301e.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.fujitsu.com/global/support/software/security/products-f/sw-sv-rcve-ror201301e.html"
            },
            {
              "name": "https://puppet.com/security/cve/cve-2013-0156",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://puppet.com/security/cve/cve-2013-0156"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T00:27Z",
      "publishedDate": "2013-01-13T22:55Z"
    }
  }
}