Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-3464HistoryAug 10, 2012 - 10:34 a.m.
CVE-2012-3464
2012-08-1010:34:00
Debian Security Bug Tracker
security-tracker.debian.org
21
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.7%
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ’ (quote) character.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
| Debian | 11 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
| Debian | 10 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
| Debian | 999 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
| Debian | 13 | all | rails | < 2.3.14.1 | rails_2.3.14.1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 17 Update: rubygem-activesupport-3.0.11-6.fc17
2012-08-22 21:12:40
[SECURITY] Fedora 16 Update: rubygem-activesupport-3.0.10-4.fc16
2012-08-22 21:13:38
[SECURITY] Fedora 17 Update: rubygem-activesupport-3.0.11-7.fc17
2013-01-23 01:53:38
nessus
nessus
Fedora 16 : rubygem-activesupport-3.0.10-4.fc16 (2012-11880)
2012-08-23 00:00:00
Fedora 17 : rubygem-activesupport-3.0.11-6.fc17 (2012-11888)
2012-08-23 00:00:00
osv
osv
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:37
prion
prion
Cross site scripting
2012-08-10 10:34:00
openvas
openvas
Fedora Update for rubygem-activesupport FEDORA-2012-11888
2012-08-30 00:00:00
Fedora Update for rubygem-activesupport FEDORA-2012-11888
2012-08-30 00:00:00
Fedora Update for rubygem-activesupport FEDORA-2012-11880
2012-08-24 00:00:00
ubuntucve
ubuntucve
CVE-2012-3464
2012-08-10 00:00:00
github
github
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:37
cve
cve
CVE-2012-3464
2012-08-10 10:34:00
gitlab
gitlab
Potential XSS Vulnerability in Ruby on Rails
2012-08-10 00:00:00
rubygems
rubygems
CVE-2012-3464 rubygem-actionpack: potential XSS vulnerability
2012-08-08 20:00:00
freebsd
freebsd
rubygem-rails -- multiple vulnerabilities
2012-08-08 00:00:00
debian
debian
[SECURITY] [DSA 2655-1] rails security update
2013-03-28 16:15:56
redhat
redhat
(RHSA-2013:0154) Critical: Ruby on Rails security update
2013-01-10 20:37:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
59.7%
Related for DEBIANCVE:CVE-2012-3464