14 matches found
RHCOS 6 : ruby193-rubygem-activerecord (RHSA-2013:0699)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0699 advisory. - rubygem-activerecord: attributedos Symbol DoS vulnerability CVE-2013-1854 Note that Nessus has not tested for this issue but has instead...
RHEL 6 : ruby193-rubygem-activerecord (RHSA-2013:0699)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0699 advisory. - rubygem-activerecord: attributedos Symbol DoS vulnerability CVE-2013-1854 Note that Nessus has not tested for this issue but has instead relied onl...
openSUSE Security Update : rubygem-activerecord-2_3 (openSUSE-SU-2013:0660-1)
Changes in rubygem-activerecord-23 : - add patch to fix security issue : - bug-8099322-3-attributesymbols.patch: fix CVE-2013-1854: rubygem-activerecord: Symbol DoS vulnerability in Active Record bnc809932 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...
openSUSE Security Update : rubygem-activesupport-2_3 (openSUSE-SU-2013:0664-1)
Changes in rubygem-activesupport-23 : - add patch to fix security issue : - bug-8099322-3-attributesymbols.patch: fix CVE-2013-1854: rubygem-activerecord: Symbol DoS vulnerability in Active Record bnc809932 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...
FreeBSD : rubygem-rails -- multiple vulnerabilities (db0c4b00-a24c-11e2-9601-000d601460a4)
Ruby on Rails team reports : Rails versions 3.2.13 has been released. This release contains important security fixes. It is recommended users upgrade as soon as possible. Four vulnerabilities have been discovered and fixed : - CVE-2013-1854 Symbol DoS vulnerability in Active Record - CVE-2013-185...
Fedora Update for rubygem-activerecord FEDORA-2013-4139
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 18 : rubygem-activerecord-3.2.8-5.fc18 (2013-4139)
Fix for CVE-2013-1854. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
[SECURITY] [DSA 2655-1] rails security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2655-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28, 2013 http://www.debian.org/security/faq -...
CVE-2013-1854
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method...
DEBIAN-CVE-2013-1854
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method...
CVE-2013-1854
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method...
CVE-2013-1854
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method...
CVE-2013-1854
CVE-2013-1854 summary (Rails ActiveRecord): Rails 2.3.x < 2.3.18, 3.1.x < 3.1.12, and 3.2.x
CVE-2013-1854 rubygem-activerecord: attribute_dos Symbol DoS vulnerability
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method. A flaw was found in the way...