CVE-2016-0753: Improper Input Validation

February 16, 2016 (updated August 8, 2019)

The Rails gem supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted parameters.

References

nvd.nist.gov/vuln/detail/CVE-2016-0753

Detect and mitigate CVE-2016-0753 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →