13 matches found
Debian: Security Advisory (DLA-603-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ruby on Rails Active Support DoS Vulnerability (Jun 2015) - Linux
Ruby on Rails is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Ruby on Rails Active Support DoS Vulnerability (Jun 2015) - Windows
Ruby on Rails is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
[SECURITY] [DLA 603-1] ruby-activesupport-3.2 security update
Package : ruby-activesupport-3.2 Version : 3.2.6-6+deb7u2 CVE ID : CVE-2015-3227 The support and utility classes used by the Rails 3.2 framework allow remote attackers to cause a denial of service SystemStackError via a large XML document depth. For Debian 7 "Wheezy", these problems have been fix...
Debian DSA-3464-1 : rails - security update
Multiple security issues have been discovered in the Ruby on Rails web application development framework, which may result in denial of service, cross-site scripting, information disclosure or bypass of input validation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
SUSE-SU-2016:0047-1 Security update for rubygem-activesupport-3_2
rubygem-activesupport-32 was updated to fix one security issue. This security issue was fixed: - CVE-2015-3227: Possible Denial of Service attack in Active Support bsc934800...
openSUSE Security Update : rubygem-activesupport-3_2 (openSUSE-2015-506)
rubygem-activesupport-32 was updated to fix one security issue. This security issue was fixed : - CVE-2015-3227: Possible Denial of Service attack in Active Support bsc934800. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
CVE-2015-3227
The 1 jdom.rb and 2 rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service SystemStackError via a large XML document depth...
CVE-2015-3227
The 1 jdom.rb and 2 rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service SystemStackError via a large XML document depth...
CVE-2015-3227
The 1 jdom.rb and 2 rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service SystemStackError via a large XML document depth...
Fedora 21 : rubygem-activesupport-4.1.5-2.fc21 (2015-10545)
Fixes for : CVE-2015-3226 Escape HTML entities in JSON keys CVE-2015-3227 XML documents that are too deep can cause an stack overflow, which in turn will cause a potential DoS attack. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...
Fedora Update for rubygem-activesupport FEDORA-2015-10545
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : rubygem-rails -- multiple vulnerabilities (eb8a8978-8dd5-49ce-87f4-49667b2166dd)
Ruby on Rails blog : Rails 3.2.22, 4.1.11 and 4.2.2 have been released, along with web console and jquery-rails plugins and Rack 1.5.4 and 1.6.2. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML...