icon

We found results for “

WS-2014-0018

Good to know:

icon

Date: July 9, 2014

"Brbackup Gem for Ruby contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the /lib/brbackup.rb script not properly sanitizing user-supplied input to the ‘name’ parameter. "

Language: Ruby

Severity Score

Severity Score

Weakness Type (CWE)

Injection

CWE-74

SQL Injection

CWE-89

Top Fix

icon

Upgrade Version

No fix version available

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): LOW

Do you need more information?

Contact Us