CVE-2020-8164 vulnerability in Ruby on Rails and Other Products
Published on June 19, 2020

A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2020-8164 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.

Products Associated with CVE-2020-8164

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-8164 are published in these products:

Ruby on Rails Rails

Debian Linux

OpenSuse Leap

OpenSuse Backports Sle

Exploit Probability

EPSS

7.39%

Percentile

91.58%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-8164 vulnerability in Ruby on Rails and Other ProductsPublished on June 19, 2020

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

Products Associated with CVE-2020-8164

Exploit Probability

CVE-2020-8164 vulnerability in Ruby on Rails and Other Products
Published on June 19, 2020