|Category:||Debian Local Security Checks|
|Title:||Debian LTS: Security Advisory for rails (DLA-2251-1)|
|Summary:||The remote host is missing an update for the 'rails'; package(s) announced via the DLA-2251-1 advisory.|
The remote host is missing an update for the 'rails'
package(s) announced via the DLA-2251-1 advisory.
Two vulnerabilities were found in Ruby on Rails, a MVC ruby-based
framework geared for web application development, which could lead to
remote code execution and untrusted user input usage, depending on the
Strong parameters bypass vector in ActionPack. In some cases user
supplied information can be inadvertently leaked from Strong
Parameters. Specifically the return value of `each`, or
`each_value`, or `each_pair` will return the underlying
'untrusted' hash of data that was read from the parameters.
Applications that use this return value may be inadvertently use
untrusted user input.
Potentially unintended unmarshalling of user-provided objects in
MemCacheStore. There is potentially unexpected behaviour in the
MemCacheStore where, when untrusted user input is written to the
cache store using the `raw: true` parameter, re-reading the result
from the cache can evaluate the user input as a Marshalled object
instead of plain text. Unmarshalling of untrusted user input can
have impact up to and including RCE. At a minimum, this
vulnerability allows an attacker to inject untrusted Ruby objects
into a web application.
In addition to upgrading to the latest versions of Rails,
developers should ensure that whenever they are calling
`Rails.cache.fetch` they are using consistent values of the `raw`
parameter for both reading and writing.
'rails' package(s) on Debian Linux.
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your rails packages.
Common Vulnerability Exposure (CVE) ID: CVE-2020-8164|
Debian Security Information: DSA-4766 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1533 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1536 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1575 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-8165
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.