Description
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.
References (7)
Core 7
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html
Exploit mailing-list
x_refsource_mlist
https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source&output=gplain
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0154.html
Scores
EPSS
0.0022
EPSS Percentile
44.5%
Details
CWE
CWE-264
Status
published
Products (17)
rubygems/actionpack
3.0.13 - 3.0.14RubyGems
rubyonrails/rails
3.0.0 (7 CPE variants)
rubyonrails/rails
3.0.1 (2 CPE variants)
rubyonrails/rails
3.0.2 (2 CPE variants)
rubyonrails/rails
3.0.3
rubyonrails/rails
3.0.4 rc1
rubyonrails/rails
3.0.5 (2 CPE variants)
rubyonrails/rails
3.0.6 (3 CPE variants)
rubyonrails/rails
3.0.7 (3 CPE variants)
rubyonrails/rails
3.0.8 (5 CPE variants)
... and 7 more
Published
Jun 22, 2012
Tracked Since
Feb 18, 2026