Description
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Gallery-NextGEN Gallery Cross-Site Request Forgery (3.28)
WordPress Plugin Clever Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (2.0.15)
WordPress Plugin WooCommerce Checkout Manager Multiple Unspecified Vulnerabilities (3.6.9)
MySQL CVE-2024-20985 Vulnerability (CVE-2024-20985)
Oracle Application Server Other Vulnerability (CVE-2002-0560)