Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-2932HistoryAug 29, 2011 - 6:55 p.m.
CVE-2011-2932
2011-08-2918:55:00
Debian Security Bug Tracker
security-tracker.debian.org
14
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.6%
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a “UTF-8 escaping vulnerability.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 11 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 10 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 999 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
| Debian | 13 | all | rails | < 2.3.14 | rails_2.3.14_all.deb |
Related
nessus
nessus
Fedora 14 : rubygem-activesupport-2.3.8-4.fc14 (2011-11600)
2011-09-07 00:00:00
Fedora 15 : rubygem-activesupport-3.0.5-4.fc15 (2011-11579)
2011-09-07 00:00:00
osv
osv
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:38
ubuntucve
ubuntucve
CVE-2011-2932
2011-08-29 00:00:00
github
github
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:38
openvas
openvas
Fedora Update for rubygem-activesupport FEDORA-2011-11600
2011-09-12 00:00:00
Fedora Update for rubygem-activesupport FEDORA-2011-11600
2011-09-12 00:00:00
Fedora Update for rubygem-activesupport FEDORA-2011-11579
2011-09-12 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: rubygem-activesupport-2.3.8-4.fc14
2011-09-07 00:28:44
[SECURITY] Fedora 15 Update: rubygem-activesupport-3.0.5-4.fc15
2011-09-07 00:09:39
[SECURITY] Fedora 16 Update: rubygem-activemodel-3.0.10-1.fc16
2011-09-07 03:23:00
prion
prion
Cross site scripting
2011-08-29 18:55:00
cve
cve
CVE-2011-2932
2011-08-29 18:55:00
gitlab
gitlab
debian
debian
[SECURITY] [DSA 2655-1] rails security update
2013-03-28 16:15:56
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
69.6%
Related for DEBIANCVE:CVE-2011-2932