CVE-2020-8151: Information disclosure issue in Active Resource
(updated )
There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information.
References
- github.com/advisories/GHSA-46j2-xjgp-jrfm
- github.com/rails/activeresource
- github.com/rails/activeresource/commit/0de18f7e96fa90bbf23b16ac11980bc2cb6a716e
- github.com/rails/rails/commit/0e969bdaf8ff2e3384350687aa0b583f94d6dfbc
- groups.google.com/forum/
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P7B7A4H22DZ522HLDS3JX3NX2CXIOZSR
- nvd.nist.gov/vuln/detail/CVE-2020-8151
Code Behaviors & Features
Detect and mitigate CVE-2020-8151 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →