CVE-2020-8164

CVE-2020-8164

Vendor N/A
Product https://github.com/rails/rails
Weakness CWE-502 · Unsafe deserialization
Published June 19, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.

Key dates

02Disclosure timeline

June 19, 2020 CVE published
August 4, 2024 Record updated