Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.22 views

Debian: Security Advisory (DSA-2260-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS9.6AI score0.03022EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2011/06/15 12:0 a.m.40 views

Debian DSA-2260-1 : rails - several vulnerabilities

Two vulnerabilities were discovered in Ruby on Rails, a web application framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3086 The cookie store may be vulnerable to a timing attack, potentially allowing remote attackers to forge message...

5CVSS5AI score0.03022EPSS
Exploits1References7
Debian
Debian
added 2011/06/14 6:57 p.m.47 views

[SECURITY] [DSA 2259-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2260-1 [email protected] http://www.debian.org/security/ Florian Weimer June 14, 2011 http://www.debian.org/security/faq -...

5CVSS6.2AI score0.03022EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/12/30 12:0 a.m.62 views

Gentoo Security Advisory GLSA 200912-02 (rails)

The remote host is missing updates announced in advisory GLSA 200912-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.7AI score0.0808EPSS
Exploits5
OpenVAS
OpenVAS
added 2009/10/27 12:0 a.m.35 views

SuSE Security Summary SUSE-SR:2009:017

The remote host is missing updates announced in advisory SUSE-SR:2009:017. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...

7.5CVSS1.4AI score0.3038EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2009/10/22 12:0 a.m.30 views

openSUSE Security Update : rubygem-actionpack-2_1 (rubygem-actionpack-2_1-1320)

This update improves the escaping in the helper code of Ruby on Rails to protect against XSS attacks CVE-2009-3009 and an information leak CVE-2009-3086. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securi...

5CVSS5AI score0.03022EPSS
Exploits2References4
CVE
CVE
added 2009/09/08 6:0 p.m.121 views

CVE-2009-3086

Ruby on Rails cookie store vulnerability CVE-2009-3086 affects Rails 2.1.0–2.2.2 and 2.3.x before 2.3.4. The issue leaks information about the complexity of message-digest verification and may allow remote attackers to forge a digest via multiple attempts (timing attack). Debian fixes: 2.1.0-7+le...

5CVSS9AI score0.02232EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2009/09/08 6:0 p.m.37 views

CVE-2009-3086

A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x before 2.3.4, leaks information about the complexity of message-digest signature verification in the cookie store, which might allow remote attackers to forge a digest via multiple attempts...

5CVSS6.2AI score0.02232EPSS
Exploits1
Rows per page
Query Builder