Lucene search
GoogleOSV:DSA-2929-1HistoryMay 16, 2014 - 12:00 a.m.
ruby-actionpack-3.2 - security update
2014-05-1600:00:00
Google
osv.dev
21
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Several vulnerabilities were discovered in Action Pack, a component
of Ruby on Rails.
- CVE-2014-0081
actionview/lib/action_view/helpers/number_helper.rb contains
multiple cross-site scripting vulnerabilities - CVE-2014-0082
actionpack/lib/action_view/template/text.rb performs symbol
interning on MIME type strings, allowing remote denial-of-service
attacks via increased memory consumption. - CVE-2014-0130
A directory traversal vulnerability in
actionpack/lib/abstract_controller/base.rb allows remote attackers
to read arbitrary files.
For the stable distribution (wheezy), these problems have been fixed in
version 3.2.6-6+deb7u2.
We recommend that you upgrade your ruby-actionpack-3.2 packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ruby-actionpack-3.2 | eq | 3.2.6-6 | |
| ruby-actionpack-3.2 | eq | 3.2.6-6+deb7u1 |
References
Related
openvas
openvas
Debian: Security Advisory (DSA-2929-1)
2014-05-15 00:00:00
Debian Security Advisory DSA 2929-1 (ruby-actionpack-3.2 - security update)
2014-05-16 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2014-6127
2014-05-26 00:00:00
debian
debian
[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update
2014-05-16 08:15:07
nessus
nessus
Debian DSA-2929-1 : ruby-actionpack-3.2 - security update
2014-05-19 00:00:00
CentOS 6 : ruby193-rubygem-actionpack (CESA-2014:0306)
2014-03-18 00:00:00
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0295-1)
2014-06-13 00:00:00
securityvulns
securityvulns
redhat
redhat
(RHSA-2014:0306) Moderate: ruby193-rubygem-actionpack security update
2014-03-17 00:00:00
(RHSA-2014:0215) Critical: cfme security, bug fix, and enhancement update
2014-03-11 00:00:00
(RHSA-2014:0510) Moderate: ruby193-rubygem-actionpack security update
2014-05-15 00:00:00
centos
centos
ruby193 security update
2014-03-17 21:55:16
ruby193 security update
2014-05-21 17:54:02
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:01:21
Directory Traversal When Route Globbing Configurations Are Enabled
2019-01-15 08:55:13
Multiple Cross-site Scripting (XSS) Vulnerabilities
2019-01-15 08:58:42
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-actionpack-3.2.13-6.fc19
2014-05-23 18:58:55
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-4.fc20
2014-05-23 18:56:34
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-5.fc20
2015-03-05 12:31:58
hackerone
hackerone
Ruby on Rails: Directory traversal attack in view resolver
2014-03-06 11:13:20
New Relic: newrelic.com rails directory traversal vuln
2016-04-23 13:23:49
osv
osv
actionpack Path Traversal vulnerability
2017-10-24 18:33:36
Rails vulnerable to Cross-site Scripting
2017-10-24 18:33:36
actionpack Improper Input Validation vulnerability
2017-10-24 18:33:36
cisa_kev
cisa_kev
Ruby on Rails Directory Traversal Vulnerability
2022-03-25 00:00:00
myhack58
myhack58
attackerkb
attackerkb
CVE-2014-0130
2014-05-07 00:00:00
ubuntucve
ubuntucve
prion
prion
Directory traversal
2014-05-07 10:55:00
Code injection
2014-02-20 15:27:00
Cross site scripting
2014-02-20 15:27:00
cve
cve
github
github
actionpack Path Traversal vulnerability
2017-10-24 18:33:36
Rails vulnerable to Cross-site Scripting
2017-10-24 18:33:36
actionpack Improper Input Validation vulnerability
2017-10-24 18:33:36
seebug
seebug
websecuritylog
websecuritylog
debiancve
debiancve
CVE-2014-0082
2014-02-20 15:27:00
CVE-2014-0081
2014-02-20 15:27:00
rubygems
rubygems
mageia
mageia
Updated ruby-actionpack packages fix security issues
2014-07-26 17:09:43
Updated ruby-rails and associated packages fix multiple vulnerabilities
2014-04-24 23:02:23
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related for OSV:DSA-2929-1