15 matches found
openSUSE Security Update : rubygem-actionpack-2_3 / rubygem-activesupport-2_3 (openSUSE-SU-2012:1218-1)
added 3-0-escapehtml-activesupport.patch: bnc775653 Also encode single quote CVE-2012-3464 - added 3-0-striptags.patch: bnc775649 Do not mark striptags result as htmlsafe CVE-2012-3465 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Fedora Update for rubygem-actionpack FEDORA-2013-4199
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[SECURITY] [DSA 2655-1] rails security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2655-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28, 2013 http://www.debian.org/security/faq -...
Fedora Update for rubygem-actionpack FEDORA-2013-0635
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rubygem-actionpack FEDORA-2013-0686
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rubygem-actionpack FEDORA-2012-11885
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rubygem-actionpack FEDORA-2012-11870
Check for the Version of rubygem-actionpack OpenVAS Vulnerability Test Fedora Update for rubygem-actionpack FEDORA-2012-11870 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for rubygem-actionpack FEDORA-2012-11870
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 17 : rubygem-actionpack-3.0.11-7.fc17 (2012-11885)
Fixes for CVE-2012-3463, CVE-2012-3464 and CVE-2012-3465. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 16 : rubygem-actionpack-3.0.10-9.fc16 (2012-11870)
Fixes for CVE-2012-3463, CVE-2012-3464 and CVE-2012-3465. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Ruby on Rails 'strip_tags()'跨站脚本执行漏洞
BUGTRAQ ID: 54957 CVE ID: CVE-2012-3465 Ruby on Rails简称RoR或Rails,是一个使用Ruby语言写的开源Web应用框架,它是严格按照MVC结构开发的。 Ruby on Rails 3.0.17之前的3.x版本、3.1.8之前的3.1.x版本、3.2.8之前的3.2.x版本内actionpack/lib/actionview/helpers/sanitizehelper.rb在实现上存在XSS漏洞,可允许远程攻击者通过畸形HTML标记注入任意Web脚本或HTML。 0 Ruby on Rails Ruby on Rails 3.x...
CVE-2012-3465
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...
CVE-2012-3465
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/sanitizehelper.rb in the striptags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup...