YAML


Some Versions of Ruby on Rails Vulnerable to New Parsing Attack

A vulnerability exists in Ruby on Rails’ JavaScript Object Notation (JSON) code that could open the Web framework up to a slew of security problems. Patches were published yesterday, but if left unpatched, the vulnerability could let attackers bypass authentication systems, inject arbitrary SQL code, inject and execute arbitrary code and perform a denial of service attack on a Ruby on Rails app.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.