N/A

The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before 1.0.3 for Ruby does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.

N/A

N/A

Ruby nori Gem ‘XML’参数远程命令执行漏洞

nori gem for Ruby是一款Ruby应用 Ruby的nori gem 2.0.2之前的2.0.x版本，1.1.4之前的1.1.x版本，1.0.3之前的1.0.x版本中存在漏洞，该漏洞源于程序没有正确限制字符串值的类型转换。通过利用Action Pack支持(1)YAML或(2)Symbol类型转换，远程攻击者可利用该漏洞实施对象注入攻击并执行任意代码，或导致拒绝服务（内存和CUP耗尽）涉及嵌套的XML实体引用。

N/A

N/A