Lucene search
Copyright (C) 2013 Greenbone AGOPENVAS:1361412562310864992HistoryJan 15, 2013 - 12:00 a.m.
Fedora Update for rubygem-activerecord FEDORA-2013-0245
2013-01-1500:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
10
6.7 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.177 Low
EPSS
Percentile
96.1%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096815.html");
script_oid("1.3.6.1.4.1.25623.1.0.864992");
script_version("2023-06-22T10:34:14+0000");
script_tag(name:"last_modification", value:"2023-06-22 10:34:14 +0000 (Thu, 22 Jun 2023)");
script_tag(name:"creation_date", value:"2013-01-15 18:05:53 +0530 (Tue, 15 Jan 2013)");
script_cve_id("CVE-2012-6496", "CVE-2012-2695", "CVE-2012-2661");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_xref(name:"FEDORA", value:"2013-0245");
script_name("Fedora Update for rubygem-activerecord FEDORA-2013-0245");
script_tag(name:"summary", value:"The remote host is missing an update for the 'rubygem-activerecord'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2013 Greenbone AG");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC17");
script_tag(name:"affected", value:"rubygem-activerecord on Fedora 17");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "FC17")
{
if ((res = isrpmvuln(pkg:"rubygem-activerecord", rpm:"rubygem-activerecord~3.0.11~4.fc17", rls:"FC17")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Related
openvas
openvas
Fedora Update for rubygem-activerecord FEDORA-2013-0244
2013-01-15 00:00:00
Fedora Update for rubygem-activerecord FEDORA-2013-0244
2013-01-15 00:00:00
Fedora Update for rubygem-activerecord FEDORA-2013-0245
2013-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: rubygem-activerecord-3.0.10-4.fc16
2013-01-15 02:22:33
[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-4.fc17
2013-01-15 02:31:35
[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-3.fc17
2012-06-30 08:27:28
osv
osv
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
Active Record vulnerable to SQL Injection via nested query parameters
2017-10-24 18:33:38
Active Record contains SQL Injection
2017-10-24 18:33:37
github
github
Active Record vulnerable to SQL Injection via nested query parameters
2017-10-24 18:33:38
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
Active Record contains SQL Injection
2017-10-24 18:33:37
cve
cve
debiancve
debiancve
prion
prion
ubuntucve
ubuntucve
nessus
nessus
Fedora 16 : rubygem-activerecord-3.0.10-3.fc16 (2012-9639)
2012-07-01 00:00:00
Fedora 17 : rubygem-activerecord-3.0.11-3.fc17 (2012-9635)
2012-07-01 00:00:00
Fedora 16 : rubygem-activerecord-3.0.10-4.fc16 (2013-0244)
2013-01-15 00:00:00
gitlab
gitlab
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
2017-10-24 00:00:00
Ruby on Rails find_by_* Methods Authlogic SQL Injection Bypass
2013-01-03 00:00:00
SQL injection vulnerability in Active Record
2012-06-22 00:00:00
rubygems
rubygems
CVE-2012-2661 rubygem-activerecord: SQL injection when processing nested query paramaters
2012-05-30 20:00:00
SQL Injection Vulnerability in Ruby on Rails
2017-10-23 21:00:00
suse
suse
Security update for rubygem-actionpack (important)
2012-08-21 19:08:38
Security update for rubygem-activerecord (important)
2012-08-21 20:08:28
Security update for rubygem-activerecord (important)
2012-08-21 19:08:36
seebug
seebug
Ruby on Rails Active Record组件SQL注入漏洞(CVE-2012-6496)
2013-01-05 00:00:00
SQL Injection Vulnerability in Ruby on Rails
2012-06-01 00:00:00
Ruby on Rails嵌套参数SQL注入漏洞
2012-06-16 00:00:00
gentoo
gentoo
Active Record: SQL injection
2014-01-21 00:00:00
veracode
veracode
SQL Command Injection
2019-01-15 08:53:39
Information Disclosure
2019-05-02 04:52:23
Open Redirect
2019-05-02 04:52:21
checkpoint_advisories
checkpoint_advisories
Ruby on Rails Hash SQL Injection (CVE-2012-2695)
2012-10-14 00:00:00
redhat
redhat
(RHSA-2013:0154) Critical: Ruby on Rails security update
2013-01-10 20:37:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
(RHSA-2013:0220) Important: Red Hat OpenShift Enterprise 1.1 update
2013-01-31 00:00:00
freebsd
freebsd
rubygem-activerecord -- multiple vulnerabilities
2012-05-31 00:00:00
ibm
ibm
securityvulns
securityvulns
6.7 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.177 Low
EPSS
Percentile
96.1%
Related for OPENVAS:1361412562310864992