
18 matches found

SUSE CVE
added 2023/02/15 5:34 a.m., 4 views

SUSE CVE-2013-6417

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query...

CVSS 6.4, AI score 6.9, EPSS 0.02371
Exploits: 0, References: 9

Tenable Nessus
added 2014/06/13 12:0 a.m., 56 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1906-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS...

CVSS 6.4, AI score 7.1, EPSS 0.207
Exploits: 3, References: 10

Tenable Nessus
added 2014/06/13 12:0 a.m., 52 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1907-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS...

CVSS 6.4, AI score 7.1, EPSS 0.207
Exploits: 3, References: 10

Tenable Nessus
added 2014/06/13 12:0 a.m., 54 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1904-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: number_to_currency XSS...

CVSS 6.4, AI score 7.1, EPSS 0.207
Exploits: 3, References: 10

Tenable Nessus
added 2014/06/13 12:0 a.m., 58 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0009-1)

This update fixes the following security issues with rubygem-actionpack-32 : - fix CVE-2013-4389: rubygem-actionmailer-31: possible DoS vulnerability in the log subscriber component bnc846239 File CVE-2013-4389.patch contains the fix. - fix CVE-2013-4491: rubygem-actionpack: i18n missing...

CVSS 6.4, AI score 7.3, EPSS 0.207
Exploits: 4, References: 12

OpenVAS
added 2014/05/26 12:0 a.m., 51 views

Fedora Update for rubygem-actionpack FEDORA-2014-6098

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.2, EPSS 0.53703
Exploits: 4, References: 4

OpenVAS
added 2014/05/26 12:0 a.m., 46 views

Fedora Update for rubygem-actionpack FEDORA-2014-6127

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.2, EPSS 0.53703
Exploits: 5, References: 4

RedHat Linux
added 2014/05/12 6:12 p.m., 81 views

Important: Red Hat Security Advisory: cfme security, bug fix, and enhancement update

Updated cfme packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat CloudForms 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whi...

CVSS 6.5, AI score 7.5, EPSS 0.06666
Exploits: 7, References: 13

securityvulns
added 2014/05/04 12:0 a.m., 99 views

[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2888-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 27, 2014 http://www.debian.org/security/faq -...

CVSS 6.4, AI score 1.6, EPSS 0.207
Exploits: 3

Tenable Nessus
added 2014/03/28 12:0 a.m., 53 views

Debian DSA-2888-1 : ruby-actionpack-3.2 - security update

Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CVSS 6.4, AI score 7.8, EPSS 0.207
Exploits: 3, References: 7

Tenable Nessus
added 2014/03/21 12:0 a.m., 39 views

Puppet Enterprise 3.x < 3.1.1 Multiple Vulnerabilities

According to its self-reported version number, the Puppet Enterprise 3.x install on the remote host is prior to 3.1.1. As a result, it is reportedly affected by multiple vulnerabilities : - An input validation error exists related to the included Ruby version, handling string to floating point...

CVSS 6.8, AI score 8, EPSS 0.34968
Exploits: 6, References: 15

OpenVAS
added 2014/03/12 12:0 a.m., 47 views

Fedora Update for rubygem-actionpack FEDORA-2014-3232

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.4, AI score 7.2, EPSS 0.207
Exploits: 4, References: 2

OpenVAS
added 2014/03/12 12:0 a.m., 50 views

Fedora Update for rubygem-actionpack FEDORA-2013-23636

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.4, AI score 7.8, EPSS 0.207
Exploits: 3, References: 2

OpenVAS
added 2014/01/27 12:0 a.m., 43 views

Fedora Update for rubygem-actionpack FEDORA-2014-0970

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.4, AI score 6.5, EPSS 0.207
Exploits: 3, References: 2

NVD
added 2013/12/07 12:55 a.m., 31 views

CVE-2013-6417

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query...

CVSS 6.4, AI score 7.6, EPSS 0.02371
Exploits: 0, References: 11

UbuntuCve
added 2013/12/07 12:55 a.m., 44 views

CVE-2013-6417

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query...

CVSS 6.4, AI score 5.9, EPSS 0.02371
Exploits: 0, References: 2

Debian CVE
added 2013/12/07 12:0 a.m., 52 views

CVE-2013-6417

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query...

CVSS 6.4, AI score 7.3, EPSS 0.02371
Exploits: 0

FreeBSD
added 2013/12/03 12:0 a.m., 57 views

rails -- multiple vulnerabilities

Rails weblog: Rails 3.2.16 and 4.0.2 have been released! These two releases contain important security fixes, so please upgrade as soon as possible! In order to make upgrading as smooth as possible, we've only included commits directly related to each security issue. The security fixes in 3.2.16...

CVSS 6.4, AI score 6.5, EPSS 0.207
Exploits: 2, References: 1