Security Advisory

CVE-2013-0277

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-02-13 01:00:00

Last updated 2024-08-06 14:18:09

Assigner redhat

State PUBLISHED

Description

ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML.

← Browse all CVEs View on cve.org ↗