CVE-2020-8151
published 2020-05-12CVE-2020-8151: There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | rails | — | — |
| fedoraproject | fedora | — | — |
| https | github.com_rails_activeresource | — | — |
| https | github.com_rails_activeresource | >= 3.0.0.rc < 5.1.1 | 5.1.1 |
| rubyonrails | active_resource | < 5.1.1 | 5.1.1 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv7.5HIGH