CVE-2020-8185

A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
Configurations

Configuration 1 (hide)

cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

History

21 Oct 2021, 14:36

Type Values Removed Values Added
CPE cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJ7NUWXAEVRQCROIIBV4C6WXO6IR3KSB/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJ7NUWXAEVRQCROIIBV4C6WXO6IR3KSB/ - Mailing List, Third Party Advisory

Information

Published : 2020-07-02 19:15

Updated : 2021-10-21 14:36


NVD link : CVE-2020-8185

Mitre link : CVE-2020-8185


JSON object : View

Products Affected

fedoraproject

  • fedora

rubyonrails

  • rails
CWE
CWE-400

Uncontrolled Resource Consumption