Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn’t require a browser.

OSVersionArchitecturePackageVersionFilename
Fedora17anyrubygem-actionpack< 3.0.11UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	17	any	rubygem-actionpack	< 3.0.11	UNKNOWN

openvas 43

fedora 14

nessus 30

freebsd 5

redhat 4

github 11

cve 10

osv 10

debiancve 8

prion 11

ubuntucve 10

debian 2

rubygems 12

hackerone 1

gitlab 11

veracode 2

suse 4

ibm 2

threatpost 1

seebug 6

silentrobots 2

openvas

Fedora Update for rubygem-actionpack FEDORA-2013-4199

2013-04-02 00:00:00

Fedora Update for rubygem-actionpack FEDORA-2013-4199

2013-04-02 00:00:00

Fedora Update for rubygem-actionpack FEDORA-2012-11885

2012-08-30 00:00:00

fedora

[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-7.fc17

2012-08-22 21:11:17

[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-8.fc17

2013-01-23 01:53:38

[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-9.fc16

2012-08-22 20:58:55

nessus

Fedora 16 : rubygem-actionpack-3.0.10-9.fc16 (2012-11870)

2012-08-23 00:00:00

Fedora 17 : rubygem-actionpack-3.0.11-7.fc17 (2012-11885)

2012-08-23 00:00:00

RHEL 6 : Ruby on Rails in Subscription Asset Manager (RHSA-2013:0154)

2013-01-24 00:00:00

freebsd

rubygem-rails -- multiple vulnerabilities

2012-08-08 00:00:00

Rails 4 -- Unsafe Query Generation Risk in Active Record

2016-08-11 00:00:00

rubygem-rails -- multiple vulnerabilities

2013-03-18 00:00:00

redhat

(RHSA-2013:0154) Critical: Ruby on Rails security update

2013-01-10 20:37:00

(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update

2013-02-28 00:00:00

(RHSA-2013:0698) Moderate: rubygem-actionpack and ruby193-rubygem-actionpack security update

2013-04-02 00:00:00

github

Moderate severity vulnerability that affects activerecord

2018-08-13 20:49:01

Active Record allows bypassing of database-query restrictions

2017-10-24 18:33:37

ActiveRecord in Ruby on Rails allows database-query bypass

2017-10-24 18:33:35

cve

CVE-2013-0155

2013-01-13 22:55:00

CVE-2016-6317

2016-09-07 19:28:00

CVE-2012-2660

2012-06-22 14:55:00

osv

Active Record allows bypassing of database-query restrictions

2017-10-24 18:33:37

ActiveRecord in Ruby on Rails allows database-query bypass

2017-10-24 18:33:35

Action Pack contains database-query restrictions bypass

2017-10-24 18:33:38

debiancve

CVE-2013-0155

2013-01-13 22:55:00

CVE-2016-6317

2016-09-07 19:28:00

CVE-2012-3465

2012-08-10 10:34:00

prion

Design/Logic Flaw

2013-01-13 22:55:00

Design/Logic Flaw

2016-09-07 19:28:00

Race condition

2012-06-22 14:55:00

ubuntucve

CVE-2013-0155

2013-01-13 00:00:00

CVE-2016-6317

2016-09-07 00:00:00

CVE-2012-2694

2012-06-22 00:00:00

debian

[SECURITY] [DSA 2655-1] rails security update

2013-03-28 16:15:56

[SECURITY] [DSA 2609-1] rails security update

2013-01-16 21:17:01

rubygems

CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails

2013-01-07 20:00:00

Unsafe Query Generation Risk in Active Record

2016-08-10 21:00:00

CVE-2012-2660 rubygem-actionpack: Unsafe query generation

2012-05-30 20:00:00

hackerone

Ruby on Rails: Unsafe Query Generation (CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155) mitigation bypass

2016-05-17 13:38:03

gitlab

Unsafe Query Generation Risk

2016-09-07 00:00:00

Moderate severity vulnerability that affects actionpack

2017-10-24 00:00:00

Moderate severity vulnerability that affects actionpack

2017-10-24 00:00:00

veracode

Database-query Authentication Bypass

2019-01-15 08:53:36

Cross-site Scripting (XSS)

2019-01-15 08:51:19

suse

Security update for rubygem-actionpack (important)

2012-08-21 20:08:29

rubygem-actionpack/activerecord-2_3 (important)

2012-08-09 18:08:34

Security update for rubygem-actionpack (important)

2012-08-21 19:08:38

ibm

Security Bulletin: IBM Security Network Protection can be affected by Cross-Site Scripting and Symbol Denial of Service vulnerabilities in Ruby on Rails (CVE-2013-1854, CVE-2013-1857, CVE-2013-1855)

2022-09-25 21:06:56

Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)

2021-01-25 20:13:51

threatpost

Ruby on Rails Patches DoS, XSS Vulnerabilities

2013-03-19 16:31:57

seebug

Ruby on Rails 'strip_tags()'跨站脚本执行漏洞

2012-08-13 00:00:00

Ruby on Rails 'select_tag()'方法跨站脚本执行漏洞

2012-08-13 00:00:00

Ruby on Rails 'authenticate_or_request_with_http_digest'方法拒绝服务漏洞

2012-07-31 00:00:00

silentrobots

Searching Through Git Commits

2014-10-06 04:00:00

Searching Through Git Commits

2014-10-06 04:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

JSON

Related for FEDORA:5EBB0209F9