CVE-2010-3299

Summary

The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.

Affected Software

VendorProductVersion RangeStatus
railsrails2.3affected

Weaknesses

  • on rails: padding oracle attack

ADP Enrichment

CVE Program Container

Additional References

References