CVE-2013-7249: Remote attackers can obtain sensitive informations

January 2, 2014 (updated January 3, 2014)

This package contains a flaw that is triggered when the attacker sends a direct request for XML data. This may allow a remote attacker to gain access to potentially sensitive information.

References

github.com/rubysec/ruby-advisory-db/blob/master/gems/fat_free_crm/OSVDB-101700.yml

Detect and mitigate CVE-2013-7249 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →