Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-2930HistoryAug 29, 2011 - 6:55 p.m.
CVE-2011-2930
2011-08-2918:55:00
Debian Security Bug Tracker
security-tracker.debian.org
15
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
71.8%
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 11 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 10 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 999 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 13 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
Related
prion
prion
Sql injection
2011-08-29 18:55:00
osv
osv
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
rails - several
2012-01-23 00:00:00
rails - several
2012-01-23 00:00:00
cve
cve
CVE-2011-2930
2011-08-29 18:55:00
gitlab
gitlab
github
github
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
ubuntucve
ubuntucve
CVE-2011-2930
2011-08-29 00:00:00
openvas
openvas
FreeBSD Ports: rubygem-rails
2011-09-21 00:00:00
FreeBSD Ports: rubygem-rails
2011-09-21 00:00:00
Fedora Update for rubygem-actionmailer FEDORA-2011-11386
2012-04-02 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2301-1] rails security update
2011-09-09 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: rubygem-activerecord-3.0.10-1.fc16
2011-09-07 03:23:00
[SECURITY] Fedora 16 Update: rubygem-activemodel-3.0.10-1.fc16
2011-09-07 03:23:00
[SECURITY] Fedora 16 Update: rubygem-activesupport-3.0.10-1.fc16
2011-09-07 03:23:00
nessus
nessus
Debian DSA-2301-2 : rails - several vulnerabilities
2011-09-06 00:00:00
Fedora 16 : rubygem-actionmailer-3.0.10-1.fc16 / rubygem-actionpack-3.0.10-1.fc16 / etc (2011-11386)
2011-09-07 00:00:00
openSUSE Security Update : rubygem-actionmailer (openSUSE-SU-2011:1305-1)
2014-06-13 00:00:00
debian
debian
[SECURITY] [DSA 2301-1] rails security update
2011-09-05 20:25:54
[SECURITY] [DSA 2301-2] rails regression
2012-01-23 18:35:53
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
71.8%
Related for DEBIANCVE:CVE-2011-2930