10 matches found
[SECURITY] [DSA 2982-1] ruby-activerecord-3.2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2982-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 19, 2014 http://www.debian.org/security/faq -...
Fedora 20 : rubygem-activerecord-4.0.0-4.fc20 (2014-8065)
Fix for CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting and its regression Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Fedora Update for rubygem-activerecord FEDORA-2014-8065
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ruby-actionpack packages fix security issues
Updated ruby-actionpack and ruby-activerecord packages fix security vulnerabilities: Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 4.0.5, when certain route globbing configurations are enabled, allows...
[SECURITY] [DSA 2982-1] ruby-activerecord-3.2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2982-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 19, 2014 http://www.debian.org/security/faq -...
Moderate: Red Hat Security Advisory: ror40-rubygem-activerecord security update
Updated ror40-rubygem-activerecord packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...
CVE-2014-3483
CVE-2014-3483 is a SQL injection vulnerability in the PostgreSQL adapter for Active Record (Ruby on Rails). The flaw resides in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb, where improper range quoting allows remote attackers to execute arbitrary SQL commands. Affecte...
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...
CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting
SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...