VDB
WID-SEC-W-2023-1092
WID-SEC-W-2023-1092
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source Ruby on Rails < 6.0.3.3 | ||
| Open Source Ruby on Rails < 5.2.4.4 | ||
| Debian Linux | ||
| SUSE Linux |
Timeline
- Sep 9, 2020 CVE Published
- Apr 27, 2023 CVE Updated
- Apr 30, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2023-1092.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1092 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-April/014619.html url
- https://weblog.rubyonrails.org/2020/9/10/Rails-5-2-4-4-and-6-0-3-3-have-been-released/ url
- http://lists.suse.com/pipermail/sle-security-updates/2020-September/007446.html url
- https://www.debian.org/security/2020/dsa-4766 url
- https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202010/msg00015.html url
- http://lists.suse.com/pipermail/sle-security-updates/2020-October/007625.html url
- https://lists.suse.com/pipermail/sle-security-updates/2020-November/007691.html url
- https://lists.suse.com/pipermail/sle-security-updates/2020-November/007702.html url
- https://lists.suse.com/pipermail/sle-security-updates/2020-November/007763.html url
- https://lists.suse.com/pipermail/sle-security-updates/2020-December/008099.html url