Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-4890: fixed security vulnerability · abhilash1985/PredictApp@b067372

A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp. This issue affects some unknown processing of the file config/initializers/new_framework_defaults_7_0.rb of the component Cookie Handler. The manipulation leads to deserialization. The attack may be initiated remotely. The name of the patch is b067372f3ee26fe1b657121f0f41883ff4461a06. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218387.

CVE
#vulnerability#js#git#ruby

Skip to content

Sign up

    • Actions

      Automate any workflow

    • Packages

      Host and manage packages

    • Security

      Find and fix vulnerabilities

    • Codespaces

      Instant dev environments

    • Copilot

      Write better code with AI

    • Code review

      Manage code changes

    • Issues

      Plan and track work

    • Discussions

      Collaborate outside of code

*   Explore
*   All features
*   Documentation
*   GitHub Skills
*   Blog
    • For

    • Enterprise

    • Teams

    • Startups

    • Education

    • By Solution

    • CI/CD & Automation

    • DevOps

    • DevSecOps

    • Case Studies

    • Customer Stories

    • Resources

    • GitHub Sponsors

      Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

*   Repositories
*   Topics
*   Trending
*   Collections
  • Pricing

  • In this repository All GitHub

  • No suggested jump to results

  • In this repository All GitHub

  • In this user All GitHub

  • In this repository All GitHub

Sign in

Sign up

abhilash1985 / PredictApp Public

  • Notifications
  • Fork 1
  • Star 2
  • Code
  • Issues
  • Pull requests 5
  • Actions
  • Projects
  • Wiki
  • Security
  • Insights

More

Permalink

Browse files

fixed security vulnerability

  • Loading branch information

Abhilash V committed

Mar 21, 2022

1 parent f485c99 commit b067372f3ee26fe1b657121f0f41883ff4461a06

Showing 1 changed file with 1 addition and 1 deletion.

2 config/initializers/new_framework_defaults_7_0.rb

Show comments View file

@@ -92,7 +92,7 @@

# If you have configured the serializer elsewhere, you can remove this.

# See https://guides.rubyonrails.org/action_controller_overview.html#cookies for more information.

Rails.application.config.action_dispatch.cookies_serializer = :hybrid

Rails.application.config.action_dispatch.cookies_serializer = :json

# Enable parameter wrapping for JSON.

# Previously this was set in an initializer. It’s fine to keep using that initializer if you’ve customized it.

0 comments on commit b067372

Please sign in to comment.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907