Safemode ProjectCVEs & Vulnerabilities
2 CVEs affecting Safemode Project products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
safemode 2
CVE-2017-7540CRITICAL
rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation.
22 Jul 2017
9.8
CVSS
CVE-2016-3693HIGH
The Safemode gem before 1.2.4 for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.
20 May 2016
8.1
CVSS
← PrevPage 1 / 1Next →