Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.8 views

RHCOS 6 : rubygem-activesupport (RHSA-2013:0202)

The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0202 advisory. - rubygem-activesupport: json to yaml parsing CVE-2013-0333 Note that Nessus has not tested for this issue but has instead relied only on the...

7.5CVSS5.8AI score0.98582EPSS
Exploits7References5
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.197 views

Ruby On Rails JSON Processor YAML Deserialization Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails JSON Processor YAML Deserialization Scanner', 'Description' = %q This module attempts to identify Ruby on Rails instances vulnerabl...

7.5CVSS7.4AI score0.99449EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2018/12/06 12:0 a.m.50 views

RHEL 6 : rubygem-activesupport (RHSA-2013:0202)

An updated rubygem-activesupport package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.0. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5CVSS7.9AI score0.98582EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.56 views

openSUSE Security Update : ruby (openSUSE-SU-2013:0278-1)

This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed...

7.5CVSS8.2AI score0.99449EPSS
Exploits28References15
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.21 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution - Ver2 (CVE-2013-0333)

A code execution vulnerability has been reported in Ruby on Rails. The vulnerability is due to an input validation error when JSON Processor deserializes YAML. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code within the context of the underlying web serve...

7.5CVSS7.8AI score0.98582EPSS
Exploits7
OpenVAS
OpenVAS
added 2013/04/02 12:0 a.m.42 views

Fedora Update for rubygem-activesupport FEDORA-2013-4130

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.5CVSS9.9AI score0.99449EPSS
Exploits22References2
OpenVAS
OpenVAS
added 2013/04/02 12:0 a.m.46 views

Fedora Update for rubygem-activesupport FEDORA-2013-4130

Check for the Version of rubygem-activesupport OpenVAS Vulnerability Test Fedora Update for rubygem-activesupport FEDORA-2013-4130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

7.5CVSS0.99449EPSS
Exploits23References2
OpenVAS
OpenVAS
added 2013/03/11 12:0 a.m.65 views

openSUSE: Security Advisory for ruby (openSUSE-SU-2013:0280-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.99449EPSS
Exploits27References2
OpenVAS
OpenVAS
added 2013/03/11 12:0 a.m.50 views

SuSE Update for ruby openSUSE-SU-2013:0278-1 (ruby)

Check for the Version of ruby OpenVAS Vulnerability Test $Id: gbsuse201302781.nasl 8542 2018-01-26 06:57:28Z teissa $ SuSE Update for ruby openSUSE-SU-2013:0278-1 ruby Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is fre...

7.5CVSS7.8AI score0.99449EPSS
Exploits27References2
Check Point Advisories
Check Point Advisories
added 2013/02/19 12:0 a.m.21 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution (CVE-2013-0333)

A code execution vulnerability has been reported in Ruby on Rails. The vulnerability is due to an input validation error when JSON Processor deserializes YAML. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code within the context of the underlying web serve...

7.5CVSS7.8AI score0.98582EPSS
Exploits7
OPENSUSE Linux
OPENSUSE Linux
added 2013/02/12 11:4 a.m.67 views

ruby on rails to 2.3.16 (important)

This update updates the RubyOnRails 2.3 stack to 2.3.16. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions w...

7.5CVSS3.1AI score0.99449EPSS
Exploits27References9
OPENSUSE Linux
OPENSUSE Linux
added 2013/02/12 10:10 a.m.58 views

ruby on rails to 2.3.16 (important)

This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed...

7.5CVSS1.2AI score0.99449EPSS
Exploits27References9
Metasploit
Metasploit
added 2013/02/11 10:48 p.m.66 views

Ruby on Rails JSON Processor YAML Deserialization Scanner

This module attempts to identify Ruby on Rails instances vulnerable to an arbitrary object instantiation flaw in the JSON request processor. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby...

7.5CVSS0.2AI score0.99449EPSS
Exploits22
OpenVAS
OpenVAS
added 2013/02/11 12:0 a.m.62 views

Fedora Update for rubygem-activesupport FEDORA-2013-1745

Check for the Version of rubygem-activesupport OpenVAS Vulnerability Test Fedora Update for rubygem-activesupport FEDORA-2013-1745 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

7.5CVSS0.99449EPSS
Exploits22References2
OpenVAS
OpenVAS
added 2013/02/11 12:0 a.m.58 views

Fedora Update for rubygem-activesupport FEDORA-2013-1710

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.9AI score
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/11 12:0 a.m.41 views

Fedora Update for rubygem-activesupport FEDORA-2013-1745

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/02/11 12:0 a.m.54 views

Fedora 17 : rubygem-activesupport-3.0.11-8.fc17 (2013-1710)

Fixes CVE-2013-0333. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS7.2AI score0.98582EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2013/02/11 12:0 a.m.54 views

Fedora 16 : rubygem-activesupport-3.0.10-6.fc16 (2013-1745)

Fixes CVE-2013-0333. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS7.2AI score0.98582EPSS
Exploits7References3
securityvulns
securityvulns
added 2013/02/04 12:0 a.m.99 views

[SECURITY] [DSA 2613-1] rails security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2613-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst January 29, 2013 http://www.debian.org/security/faq -...

7.5CVSS1.1AI score0.98582EPSS
Exploits7
seebug.org
seebug.org
added 2013/02/03 12:0 a.m.73 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.5CVSS0.99449EPSS
Exploits22
Rows per page
Query Builder