Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn’t require a browser.

OSVersionArchitecturePackageVersionFilename
Fedora17anyrubygem-actionpack< 3.0.11UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	17	any	rubygem-actionpack	< 3.0.11	UNKNOWN

openvas 54

fedora 22

redhat 3

nessus 26

freebsd 4

github 9

cve 9

osv 10

debiancve 6

prion 9

ubuntucve 8

rubygems 3

hackerone 1

gitlab 8

veracode 2

ibm 1

suse 4

ics 1

seebug 4

silentrobots 2

packetstorm 1

metasploit 3

checkpoint_advisories 1

zdt 2

kitploit 1

saint 2

debian 1

cert 1

threatpost 1

openvas

Fedora Update for rubygem-actionpack FEDORA-2013-0635

2013-01-24 00:00:00

Fedora Update for rubygem-actionpack FEDORA-2013-0635

2013-01-24 00:00:00

Fedora Update for rubygem-actionpack FEDORA-2012-11885

2012-08-30 00:00:00

fedora

[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-7.fc17

2012-08-22 21:11:17

[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-9.fc17

2013-03-30 21:27:37

[SECURITY] Fedora 16 Update: rubygem-actionpack-3.0.10-10.fc16

2013-01-23 01:34:00

redhat

(RHSA-2013:0154) Critical: Ruby on Rails security update

2013-01-10 20:37:00

(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update

2013-02-28 00:00:00

(RHSA-2013:0153) Critical: Ruby on Rails security update

2013-01-10 00:00:00

nessus

RHEL 6 : Ruby on Rails in Subscription Asset Manager (RHSA-2013:0154)

2013-01-24 00:00:00

Fedora 17 : rubygem-actionpack-3.0.11-7.fc17 (2012-11885)

2012-08-23 00:00:00

FreeBSD : rubygem-rails -- multiple vulnerabilities (31db9a18-e289-11e1-a57d-080027a27dbf)

2012-08-10 00:00:00

freebsd

rubygem-rails -- multiple vulnerabilities

2012-08-08 00:00:00

Rails 4 -- Unsafe Query Generation Risk in Active Record

2016-08-11 00:00:00

rubygem-rails -- multiple vulnerabilities

2013-01-08 00:00:00

github

Moderate severity vulnerability that affects activerecord

2018-08-13 20:49:01

Active Record allows bypassing of database-query restrictions

2017-10-24 18:33:37

ActiveRecord in Ruby on Rails allows database-query bypass

2017-10-24 18:33:35

cve

CVE-2013-0155

2013-01-13 22:55:00

CVE-2016-6317

2016-09-07 19:28:00

CVE-2012-2694

2012-06-22 14:55:00

osv

Active Record allows bypassing of database-query restrictions

2017-10-24 18:33:37

ActiveRecord in Ruby on Rails allows database-query bypass

2017-10-24 18:33:35

Action Pack contains database-query restrictions bypass

2017-10-24 18:33:38

debiancve

CVE-2013-0155

2013-01-13 22:55:00

CVE-2016-6317

2016-09-07 19:28:00

CVE-2012-3465

2012-08-10 10:34:00

prion

Design/Logic Flaw

2013-01-13 22:55:00

Design/Logic Flaw

2016-09-07 19:28:00

Race condition

2012-06-22 14:55:00

ubuntucve

CVE-2013-0155

2013-01-13 00:00:00

CVE-2016-6317

2016-09-07 00:00:00

CVE-2012-2694

2012-06-22 00:00:00

rubygems

CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails

2013-01-07 20:00:00

Unsafe Query Generation Risk in Active Record

2016-08-10 21:00:00

CVE-2012-2660 rubygem-actionpack: Unsafe query generation

2012-05-30 20:00:00

hackerone

Ruby on Rails: Unsafe Query Generation (CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155) mitigation bypass

2016-05-17 13:38:03

gitlab

Unsafe Query Generation Risk

2016-09-07 00:00:00

Moderate severity vulnerability that affects actionpack

2017-10-24 00:00:00

Moderate severity vulnerability that affects actionpack

2017-10-24 00:00:00

veracode

Database-query Authentication Bypass

2019-01-15 08:53:36

Denial Of Service (DoS) Memory Consumption, Arbitrary Code Execution And Object-injection Attacks

2019-01-15 08:53:34

ibm

Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)

2021-01-25 20:13:51

suse

Security update for rubygem-actionpack (important)

2012-08-21 20:08:29

rubygem-actionpack/activerecord-2_3 (important)

2012-08-09 18:08:34

Security update for rubygem-actionpack (important)

2012-08-21 19:08:38

ics

Wonderware Intelligence Tableau Server Ruby on Rails Improper Input Validation (Update A)

2013-02-21 00:00:00

seebug

Ruby on Rails 'strip_tags()'跨站脚本执行漏洞

2012-08-13 00:00:00

Ruby on Rails 'select_tag()'方法跨站脚本执行漏洞

2012-08-13 00:00:00

Ruby on Rails 'authenticate_or_request_with_http_digest'方法拒绝服务漏洞

2012-07-31 00:00:00

silentrobots

Searching Through Git Commits

2014-10-06 04:00:00

Searching Through Git Commits

2014-10-06 04:00:00

packetstorm

Ruby On Rails XML Processor YAML Deserialization Code Execution

2013-01-11 00:00:00

metasploit

Ruby on Rails XML Processor YAML Deserialization Scanner

2013-01-09 18:50:38

Ruby on Rails XML Processor YAML Deserialization Code Execution

2013-01-10 05:10:13

Ruby on Rails JSON Processor YAML Deserialization Scanner

2013-02-11 22:48:44

checkpoint_advisories

Ruby on Rails XML Processor YAML Deserialization Code Execution (CVE-2013-0156)

2013-01-20 00:00:00

zdt

Action Pack Multiple Vulnerabilities

2013-01-09 00:00:00

Ruby On Rails XML Processor YAML Deserialization Code Execution

2013-01-11 00:00:00

kitploit

[Nmap v6.40] Free Security Scanner For Network Exploration & Security Audits

2013-08-21 01:33:00

saint

Ruby on Rails XML Processor YAML Deserialization

2013-02-15 00:00:00

Ruby on Rails XML Processor YAML Deserialization

2013-02-15 00:00:00

debian

[SECURITY] [DLA 172-1] libextlib-ruby security update

2015-03-14 19:01:22

cert

Ruby on Rails Action Pack framework insecurely typecasts YAML and Symbol XML parameters

2013-01-08 00:00:00

threatpost

Ruby on Rails Exploit Harvests IRC Botnet

2013-05-28 18:56:05

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for FEDORA:8F063214D7