Deserialization in Https://github.com/rails/rails
CVE-2020-8165
A deserialization of untrusted data vulnerability exists in Rails < 5.2.4.3 and Rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore, potentially resulting in RCE.
Vulnerability class: Insecure Deserialization
EPSS: 0.901 (99.6th percentile)
Affected products
- Https://github.com/rails/rails (vendor: n/a), fixed in versions 5.2.4.3 and 6.0.3.1
Weakness classification (CWE)
Public proof-of-concept exploits
References
- hackerone.com/reports/413388 (x_refsource_MISC)
- groups.google.com/g/rubyonrails-security/c/bv6fW4S0Y1c (x_refsource_MISC)
- [debian-lts-announce] 20200619 [SECURITY] [DLA 2251-1] rails security update (mailing-list, x_refsource_MLIST)
- weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released/ (x_refsource_CONFIRM)
- [debian-lts-announce] 20200720 [SECURITY] [DLA 2282-1] rails security update (mailing-list, x_refsource_MLIST)
- DSA-4766 (vendor-advisory, x_refsource_DEBIAN)
- openSUSE-SU-2020:1677 (vendor-advisory, x_refsource_SUSE)
- openSUSE-SU-2020:1679 (vendor-advisory, x_refsource_SUSE)
Frequently asked questions
- What is CVE-2020-8165?
- CVE-2020-8165 is a vulnerability in Https://github.com/rails/rails, classified under Deserialization of Untrusted Data. Published 2020-06-19.
- Is CVE-2020-8165 known to be exploited?
- 19 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.