You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description: A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1. Discovery Date: 2019-08-08 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
CVE-2018-16476
Description: A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1.
Discovery Date: 2019-08-08
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Score: 5.0
Exploitability score: 10.0Impact score: 2.9
Vendors
References
The text was updated successfully, but these errors were encountered: