CVE-2014-0082 — Vulnetix

CVE-2014-0082 PUBLISHED CVSS 9.300000190734863 CRITICAL

De multiples vulnérabilités ont été corrigées dans <span class="textit">Ruby On Rails</span>. Elles permettent à un attaquant de provoquer un déni de service à distance et une injection de code indirecte à distance (XSS).

EPSS 6.46% · 91.2th percentile

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS Score

6.46%

91.2th percentile

Affected Products

Vendor	Product	Versions
Ruby on Rails	Ruby on Rails

Timeline

Feb 19, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 7, 2023 EPSS Score
Mar 22, 2025 EPSS Score
Mar 23, 2025 EPSS Score
Mar 28, 2025 EPSS Score
Mar 30, 2025 EPSS Score
Apr 3, 2025 EPSS Score
Apr 4, 2025 EPSS Score
Apr 17, 2025 EPSS Score
May 1, 2025 EPSS Score
May 7, 2025 EPSS Score

References

http://puppetlabs.com/security/cve/cve-2013-4971 advisory
http://puppetlabs.com/security/cve/cve-2014-0082 advisory
http://puppetlabs.com/security/cve/cve-2013-4966 advisory
http://puppetlabs.com/security/cve/cve-2014-0060 advisory
http://weblog.rubyonrails.org/2014/2/18/Rails_3_2_17_4_0_3_and_4_1_0_beta2_have_been_released/ advisory

Open in Interactive Console →