GCVE - cpe:2.3:a:https://github.com/sferik:rails_admin_ruby

Approved changes feed: RSS · Atom

cpe:2.3:a:https://github.com/sferik:rails_admin_ruby_gem:*:*:*:*:*:*:*:*

part: a version: rails_admin_ruby_gem update: *

Vendor	Https (`d7181f43-5065-54de-83f7-090f042665aa`)
Product	//Github.Com/Sferik (`979f25b9-911c-5e1b-804e-7e8f1a82594b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2016-10522`	vulnerable	2026-06-03 14:35:29.242765	Details available rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem. Published: 2018-07-05T16:00:00.000Z Updated: 2024-08-06T03:21:52.174Z Open on db.gcve.eu Reference links https://www.sourceclear.com/blog/Rails_admin-Vulnerability-Disclosure/ https://github.com/sferik/rails_admin/commit/b13e879eb93b661204e9fb5e55f7afa4f397537a https://www.sourceclear.com/registry/security/cross-site-request-forgery-csrf-/ruby/sid-3173	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.