Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn’t require a browser.

OSVersionArchitecturePackageVersionFilename
Fedora22anyrubygem-actionpack< 4.2.0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	22	any	rubygem-actionpack	< 4.2.0	UNKNOWN

openvas 22

nessus 20

fedora 9

ibm 1

freebsd 1

redhat 3

debian 10

suse 1

osv 10

cve 6

hackerone 6

debiancve 6

ubuntucve 6

github 7

prion 6

veracode 3

rubygems 8

saint 3

attackerkb 2

gitlab 2

zdt 1

checkpoint_advisories 1

cisa_kev 1

packetstorm 1

metasploit 1

exploitdb 1

seebug 2

apple 2

kitploit 1

openvas

Fedora Update for rubygem-actionpack FEDORA-2016-94

2016-02-29 00:00:00

Fedora Update for rubygem-activemodel FEDORA-2016-94

2016-02-29 00:00:00

Ruby on Rails Multiple Vulnerabilities-01 (Oct 2016) - Linux

2016-10-17 00:00:00

nessus

Fedora 22 : rubygem-actionpack-4.2.0-3.fc22 / rubygem-activemodel-4.2.0-2.fc22 (2016-94e71ee673)

2016-03-04 00:00:00

openSUSE Security Update : rubygem-actionpack-4_2 / rubygem-actionview-4_2 / rubygem-activemodel-4_2 / etc (openSUSE-2016-159)

2016-02-08 00:00:00

FreeBSD : rails -- multiple vulnerabilities (bb0ef21d-0e1b-461b-bc3d-9cba39948888)

2016-02-03 00:00:00

fedora

[SECURITY] Fedora 22 Update: rubygem-activemodel-4.2.0-2.fc22

2016-02-28 08:31:04

[SECURITY] Fedora 23 Update: rubygem-actionpack-4.2.3-4.fc23

2016-02-28 12:29:15

[SECURITY] Fedora 22 Update: rubygem-activesupport-4.2.0-4.fc22

2016-02-28 08:31:16

ibm

Security Bulletin: Vulnerabilities in Ruby on Rails affect IBM License Metric Tool v9, IBM BigFix Inventory v9 and IBM Endpoint Manager for Software Use Analysis v9 & v2.2

2021-04-26 21:17:25

freebsd

rails -- multiple vulnerabilities

2016-01-25 00:00:00

redhat

(RHSA-2016:0296) Important: rh-ror41 security update

2016-02-24 00:00:00

(RHSA-2016:0454) Important: ror40 security update

2016-03-15 00:00:00

(RHSA-2016:0455) Important: ruby193 security update

2016-03-15 00:00:00

debian

[SECURITY] [DSA 3464-1] rails security update

2016-01-31 18:43:51

[SECURITY] [DLA 604-1] ruby-actionpack-3.2 security update

2016-08-28 18:14:37

[SECURITY] [DLA 498-1] ruby-activemodel-3.2 security update

2016-05-31 17:22:59

suse

Security update for portus (important)

2016-04-25 20:07:56

osv

ruby-actionpack-3.2 - security update

2016-08-28 00:00:00

actionpack is vulnerable to denial of service because of a wildcard controller route

2017-10-24 18:33:36

actionpack is vulnerable to remote bypass authentication

2017-10-24 18:33:36

cve

CVE-2015-7581

2016-02-16 02:59:00

CVE-2015-7576

2016-02-16 02:59:00

CVE-2016-0752

2016-02-16 02:59:00

hackerone

Ruby on Rails: DoS Attack in Controller Lookup Code

2015-08-22 01:34:13

Ruby on Rails: http_basic_authenticate_with is suseptible to timing attacks.

2015-10-19 11:01:33

Ruby on Rails: Explicit, dynamic render path: Dir. Trav + RCE

2015-02-01 14:34:27

debiancve

CVE-2015-7581

2016-02-16 02:59:00

CVE-2015-7576

2016-02-16 02:59:00

CVE-2016-0752

2016-02-16 02:59:00

ubuntucve

CVE-2015-7581

2016-02-16 00:00:00

CVE-2015-7576

2016-02-16 00:00:00

CVE-2016-0751

2016-02-16 00:00:00

github

actionpack is vulnerable to denial of service because of a wildcard controller route

2017-10-24 18:33:36

actionpack is vulnerable to remote bypass authentication

2017-10-24 18:33:36

actionpack is vulnerable to denial of service via a crafted HTTP Accept header

2017-10-24 18:33:35

prion

Code injection

2016-02-16 02:59:00

Authentication flaw

2016-02-16 02:59:00

Directory traversal

2016-02-16 02:59:00

veracode

Timing Attack Vulnerability In Basic Authentication

2019-01-15 09:10:28

Remote Code Execution (RCE) And Information Disclosure

2016-01-26 05:48:59

Directory Traversal And Information Disclosure

2019-01-15 09:10:39

rubygems

Object leak vulnerability for wildcard controller routes in Action Pack

2016-01-24 21:00:00

Timing attack vulnerability in basic authentication in Action Controller.

2016-01-24 21:00:00

Possible Information Leak Vulnerability in Action View

2016-01-24 21:00:00

saint

Ruby on Rails Dynamic Render code execution

2016-11-11 00:00:00

Ruby on Rails Dynamic Render code execution

2016-11-11 00:00:00

Ruby on Rails Dynamic Render code execution

2016-11-11 00:00:00

attackerkb

CVE-2016-0752

2016-02-16 00:00:00

CVE-2016-2097

2016-04-07 00:00:00

gitlab

Possible Information Leak Vulnerability

2016-02-15 00:00:00

Possible Input Validation Circumvention

2016-02-15 00:00:00

zdt

Ruby on Rails Dynamic Render File Upload Remote Code Execution

2016-10-15 00:00:00

checkpoint_advisories

Ruby On Rails Directory Traversal (CVE-2016-0752)

2022-04-19 00:00:00

cisa_kev

Ruby on Rails Directory Traversal Vulnerability

2022-03-25 00:00:00

packetstorm

Ruby on Rails Dynamic Render File Upload Remote Code Execution

2016-10-13 00:00:00

metasploit

Ruby on Rails Dynamic Render File Upload Remote Code Execution

2016-10-10 22:36:20

exploitdb

Ruby on Rails - Dynamic Render File Upload / Remote Code Execution (Metasploit)

2016-10-17 00:00:00

seebug

Rails Dynamic Render 远程命令执行漏洞 (CVE-2016-0752)

2016-01-27 00:00:00

Ruby on Rails Action View 信息泄漏

2016-03-17 00:00:00

apple

About the security content of macOS Server 5.3 - Apple Support

2017-03-28 04:58:08

About the security content of macOS Server 5.3

2017-03-27 00:00:00

kitploit

Master_Librarian - A Simple Tool To Audit Unix/*BSD/Linux System Libraries To Find Public Security Vulnerabilities

2022-03-09 20:30:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for FEDORA:2B32A60560AC