19 matches found
CVE-2014-0130
creationtimestamp| type| source ---|---|--- 2018-06-30 21:50:00+00:00| published-proof-of-concept| https://t.me/cKure/160 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-05 02:47:53+00:00| seen| https://t.me/arpsyndicate/1372 2024-12-24 20:28:47+00:00| seen|...
Fedora Update for rubygem-actionpack FEDORA-2014-15371
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ruby-actionpack packages fix security issues
Updated ruby-actionpack and ruby-activerecord packages fix security vulnerabilities: Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 4.0.5, when certain route globbing configurations are enabled, allows...
[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2929-1 [email protected] http://www.debian.org/security/ Florian Weimer May 16, 2014 http://www.debian.org/security/faq -...
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0718-1)
fix CVE-2014-0130: rubygem-actionpack: directory traversal issue bnc876714 CVE-2014-0130.patch: contains the fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-397. The text...
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0720-1)
fix CVE-2014-0130: rubygem-actionpack: directory traversal issue bnc876714 CVE-2014-0130.patch: contains the fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-396. The text...
Fedora Update for rubygem-actionpack FEDORA-2014-6127
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for rubygem-actionpack FEDORA-2014-6098
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : rubygem-actionpack-4.0.0-4.fc20 (2014-6098)
Fix for CVE-2014-0130 - Avoid directory traversal Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 19 : rubygem-actionpack-3.2.13-6.fc19 (2014-6127)
Fix for CVE-2014-0130 - Avoid directory traversal Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Debian DSA-2929-1 : ruby-actionpack-3.2 - security update
Several vulnerabilities were discovered in Action Pack, a component of Ruby on Rails. - CVE-2014-0081 actionview/lib/actionview/helpers/numberhelper.rb contains multiple cross-site scripting vulnerabilities - CVE-2014-0082 actionpack/lib/actionview/template/text.rb performs symbol interning on MI...
[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2929-1 [email protected] http://www.debian.org/security/ Florian Weimer May 16, 2014 http://www.debian.org/security/faq -...
Moderate: Red Hat Security Advisory: ruby193-rubygem-actionpack security update
Updated ruby193-rubygem-actionpack packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Debian: Security Advisory (DSA-2929-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[oss-security] [CVE-2014-0130] Directory Traversal Vulnerability With Certain Route Configurations
There is a vulnerability in the 'implicit render' functionality in Ruby on Rails. This vulnerability has been assigned the CVE identifier CVE-2014-0130. Versions Affected: All Supported Not affected: None Fixed Versions: 4.1.1, 4.0.5, 3.2.18 Impact ------ The implicit render functionality allows...
CVE-2014-0130
Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...
CVE-2014-0130
CVE-2014-0130 describes a directory traversal in Ruby on Rails’ Action Pack (implicit_render path) affecting Rails 3.2.x before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1. A crafted request using wildcard route globbing can cause the application to read arbitrary local files via actionpac...
CVE-2014-0130
Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...
CVE-2014-0130
Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files...