NuytsTech Security

CVE-2020-8164

by ·

A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. Date published : 2020-06-19 https://www.debian.org/security/2020/dsa-4766

https://groups.google.com/g/rubyonrails-security/c/f6ioe4sdpbY

Tags: