CVE-2020-8185

Summary

A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.

Affected Software

VendorProductVersion RangeStatus
n/ahttps://github.com/rails/railsFixed in 6.0.3.2affected

Weaknesses

  • CWE-400: Denial of Service (CWE-400)

ADP Enrichment

CVE Program Container

Additional References

References