6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.173 Low
EPSS
Percentile
96.0%
Rails weblog:
Rails 3.2.16 and 4.0.2 have been released! These two
releases contain important security fixes, so please upgrade
as soon as possible! In order to make upgrading as smooth as
possible, we’ve only included commits directly related to
each security issue.
The security fixes in 3.2.16 are:
CVE-2013-4491
CVE-2013-6414
CVE-2013-6415
CVE-2013-6417
The security fixes in 4.0.2 are:
CVE-2013-4491
CVE-2013-6414
CVE-2013-6415
CVE-2013-6416
CVE-2013-6417
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | rubygem-actionmailer | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-actionpack | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-activemodel | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-activerecord | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-activeresource | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-activesupport | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-rails | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-railties | < 3.2.16 | UNKNOWN |
FreeBSD | any | noarch | rubygem-actionpack4 | < 4.0.2 | UNKNOWN |
FreeBSD | any | noarch | rubygem-activesupport4 | < 4.0.2 | UNKNOWN |