Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310869479
HistoryJul 01, 2015 - 12:00 a.m.

Fedora Update for rubygem-activesupport FEDORA-2015-10545

2015-07-0100:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
10

5.2 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.2%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.869479");
  script_version("2023-06-21T05:06:23+0000");
  script_tag(name:"last_modification", value:"2023-06-21 05:06:23 +0000 (Wed, 21 Jun 2023)");
  script_tag(name:"creation_date", value:"2015-07-01 06:28:00 +0200 (Wed, 01 Jul 2015)");
  script_cve_id("CVE-2015-3226", "CVE-2015-3227");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_tag(name:"qod_type", value:"package");
  script_name("Fedora Update for rubygem-activesupport FEDORA-2015-10545");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'rubygem-activesupport'
  package(s) announced via the referenced advisory.");
  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
  script_tag(name:"affected", value:"rubygem-activesupport on Fedora 21");
  script_tag(name:"solution", value:"Please install the updated package(s).");
  script_xref(name:"FEDORA", value:"2015-10545");
  script_xref(name:"URL", value:"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/161240.html");
  script_tag(name:"solution_type", value:"VendorFix");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC21");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC21")
{

  if ((res = isrpmvuln(pkg:"rubygem-activesupport", rpm:"rubygem-activesupport~4.1.5~2.fc21", rls:"FC21")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

fedora 2
nessus 6
openvas 8
ibm 1
github 2
hackerone 1
cve 2
debiancve 2
gitlab 2
freebsd 1
prion 2
osv 2
ubuntucve 2
cvelist 2
debian 2
fedora
fedora
[SECURITY] Fedora 21 Update: rubygem-activesupport-4.1.5-2.fc21
2015-06-30 20:19:18
[SECURITY] Fedora 22 Update: rubygem-activesupport-4.2.0-2.fc22
2015-06-30 20:18:47
nessus
nessus
Fedora 21 : rubygem-activesupport-4.1.5-2.fc21 (2015-10545)
2015-07-01 00:00:00
Fedora 22 : rubygem-activesupport-4.2.0-2.fc22 (2015-10538)
2015-07-01 00:00:00
FreeBSD : rubygem-rails -- multiple vulnerabilities (eb8a8978-8dd5-49ce-87f4-49667b2166dd)
2015-06-18 00:00:00
openvas
openvas
Fedora Update for rubygem-activesupport FEDORA-2015-10538
2015-07-07 00:00:00
Ruby on Rails Active Support Cross Site Scripting Vulnerability - Windows
2016-10-13 00:00:00
Ruby on Rails Active Support Cross Site Scripting Vulnerability - Linux
2016-10-13 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Ruby on Rails affect IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis (CVE-2015-3226)
2022-08-19 21:04:31
github
github
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:36
activesupport vulnerable to Denial of Service via large XML document depth
2017-10-24 18:33:36
hackerone
hackerone
Ruby on Rails: JSON keys are not properly escaped
2015-02-10 01:00:04
cve
cve
CVE-2015-3226
2015-07-26 22:59:00
CVE-2015-3227
2015-07-26 22:59:00
debiancve
debiancve
CVE-2015-3226
2015-07-26 22:59:00
CVE-2015-3227
2015-07-26 22:59:00
gitlab
gitlab
XSS Vulnerability in ActiveSupport::JSON.encode
2015-07-26 00:00:00
Possible Denial of Service
2015-07-26 00:00:00
freebsd
freebsd
rubygem-rails -- multiple vulnerabilities
2015-06-16 00:00:00
prion
prion
Cross site scripting
2015-07-26 22:59:00
Design/Logic Flaw
2015-07-26 22:59:00
osv
osv
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:36
activesupport vulnerable to Denial of Service via large XML document depth
2017-10-24 18:33:36
ubuntucve
ubuntucve
CVE-2015-3226
2015-07-26 00:00:00
CVE-2015-3227
2015-07-26 00:00:00
cvelist
cvelist
CVE-2015-3226
2015-07-26 22:00:00
CVE-2015-3227
2015-07-26 22:00:00
debian
debian
[SECURITY] [DLA 603-1] ruby-activesupport-3.2 security update
2016-08-27 16:25:54
[SECURITY] [DSA 3464-1] rails security update
2016-01-31 18:44:09

5.2 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.2%

JSON
Related for OPENVAS:1361412562310869479
fedora2nessus6openvas8ibm1github2hackerone1cve2debiancve2gitlab2freebsd1prion2osv2ubuntucve2cvelist2debian2