6 matches found
Fedora 20 : rubygem-activerecord-4.0.0-5.fc20 (2014-9706)
Fix CVE-2014-3514: vulnerability in the createwith Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2014-3514
activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...
CVE-2014-3514
activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...
CVE-2014-3514
activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...
CVE-2014-3514
The CVE-2014-3514 entry concerns ActiveRecord in Ruby on Rails (Rails 4.0.x prior to 4.0.9 and 4.1.x prior to 4.1.5). The underlying issue is a bypass of strong parameters protection via crafted input to create_with calls, enabling remote attackers to bypass parameter filtering. Documented refere...
CVE-2014-3514
activerecord/lib/activerecord/relation/querymethods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes createwith calls...