245 matches found
CVE-2011-2932
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...
CVE-2011-2932
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...
Fedora Update for rubygem-activesupport FEDORA-2011-8494
Check for the Version of rubygem-activesupport OpenVAS Vulnerability Test Fedora Update for rubygem-activesupport FEDORA-2011-8494 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for rubygem-activesupport FEDORA-2011-8494
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 15 : rubygem-activesupport-3.0.5-3.fc15 (2011-8494)
This update fixes : - Bug 713692 - CVE-2011-2197 rubygem-activesupport: XSS due improper management of safe buffers Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format ...
[SECURITY] Fedora 15 Update: rubygem-activesupport-3.0.5-3.fc15
Utility library which carries commonly used classes and goodies from the Rails framework...
[SECURITY] Fedora 15 Update: rubygem-activesupport-3.0.5-1.fc15
Utility library which carries commonly used classes and goodies from the Rails framework...
openSUSE Security Update : rubygem-activesupport-2_1 (rubygem-activesupport-2_1-1321)
This update improves the escaping in the helper code of Ruby on Rails to protect against XSS attacks (CVE-2009-3009) and an information leak (CVE-2009-3086). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securi...
[SECURITY] Fedora 11 Update: rubygem-activesupport-2.3.2-2.fc11
Utility library which carries commonly used classes and goodies from the Rails framework...
Fedora Update for rubygem-activesupport FEDORA-2008-8322
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rubygem-activesupport FEDORA-2008-8282
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rubygem-activesupport FEDORA-2008-8322
Check for the Version of rubygem-activesupport OpenVAS Vulnerability Test Fedora Update for rubygem-activesupport FEDORA-2008-8322 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for rubygem-activesupport FEDORA-2008-8282
Check for the Version of rubygem-activesupport OpenVAS Vulnerability Test Fedora Update for rubygem-activesupport FEDORA-2008-8282 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
[SECURITY] Fedora 8 Update: rubygem-activesupport-2.1.1-1.fc8
Utility library which carries commonly used classes and goodies from the Rails framework...
DEBIAN-CVE-2008-4094
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
CVE-2008-4094
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
Sql injection
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
CVE-2008-4094
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
CVE-2008-4094
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer...
CVE-2008-4094
CVE-2008-4094 corresponds to multiple SQL injection vulnerabilities in Ruby on Rails prior to 2.1.1, exploitable via the :limit and :offset parameters in ActiveRecord (and related components). Remote attackers could cause arbitrary SQL execution and potentially affect data integrity. The linked d...