Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2016:1146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.95537EPSS
Exploits19References4
OpenVAS
OpenVAS
added 2016/10/17 12:0 a.m.31 views

Ruby on Rails Action Pack DoS Vulnerability (Jan 2016) - Windows

Ruby on Rails is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.4AI score0.06535EPSS
Exploits0References2
OSV
OSV
added 2016/03/22 4:21 p.m.14 views

SUSE-SU-2016:0858-1 Security update for rubygem-actionpack-4_1

This update for rubygem-actionpack-41 fixes the following issues: - CVE-2016-0751: Object Leak DoS bsc963331 - CVE-2015-7581: unbounded memory growth DoS via wildcard controller routes bsc963335 - CVE-2016-0752: directory traversal and information leak in Action View bsc963332 - CVE-2015-7576:...

7.5CVSS5.9AI score0.95537EPSS
Exploits11References9
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.55 views

Fedora 22 : rubygem-actionpack-4.2.0-3.fc22 / rubygem-activemodel-4.2.0-2.fc22 (2016-94e71ee673)

Security fix for CVE-2015-7581 CVE-2015-7576 CVE-2016-0751 CVE-2016-0752 CVE-2016-0753 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible withou...

7.5CVSS6.1AI score0.95537EPSS
Exploits11References10
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.28 views

Fedora 23 : rubygem-actionpack-4.2.3-4.fc23 (2016-f486068393)

Security fix for CVE-2015-7581 Security fix for CVE-2016-0751 Security fix for CVE-2015-7576 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

7.5CVSS6.1AI score0.09731EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2016/02/29 12:0 a.m.35 views

Fedora Update for rubygem-actionpack FEDORA-2016-94

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.95537EPSS
Exploits11References4
OpenVAS
OpenVAS
added 2016/02/29 12:0 a.m.36 views

Fedora Update for rubygem-activemodel FEDORA-2016-94

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.95537EPSS
Exploits11References4
OSV
OSV
added 2016/02/16 2:59 a.m.7 views

CVE-2015-7581

actionpack/lib/actiondispatch/routing/routeset.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service superfluous caching and memory consumption by leveraging an application's use of a wildcard controller route...

7.5CVSS7.2AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2016/02/16 2:59 a.m.26 views

CVE-2015-7581

actionpack/lib/actiondispatch/routing/routeset.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service superfluous caching and memory consumption by leveraging an application's use of a wildcard controller route...

7.5CVSS7.1AI score0.06535EPSS
Exploits0References2
CVE
CVE
added 2016/02/16 2:0 a.m.108 views

CVE-2015-7581

CVE-2015-7581 affects Ruby on Rails Action Pack (route_set.rb) in Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1. It allows remote attackers to cause a denial of service via superfluous caching/memory consumption when an application uses wildcard controllers. Documented in multiple sources...

7.5CVSS5.9AI score0.06535EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2016/02/16 2:0 a.m.41 views

CVE-2015-7581

actionpack/lib/actiondispatch/routing/routeset.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service superfluous caching and memory consumption by leveraging an application's use of a wildcard controller route...

7.5CVSS7AI score0.06535EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/02/01 12:0 a.m.48 views

Debian DSA-3464-1 : rails - security update

Multiple security issues have been discovered in the Ruby on Rails web application development framework, which may result in denial of service, cross-site scripting, information disclosure or bypass of input validation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

7.5CVSS6.2AI score0.95537EPSS
Exploits11References10
RubySec
RubySec
added 2016/01/25 12:0 a.m.43 views

Object leak vulnerability for wildcard controller routes in Action Pack

There is an object leak vulnerability for wildcard controllers in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2015-7581. Versions Affected: = 4.0.0 and 5.0.0.beta1 Not affected: 4.0.0, 5.0.0.beta1 and newer Fixed Versions: 4.2.5.1, 4.1.14.1 Impact ------ Users that ha...

7.5CVSS2.5AI score0.06535EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2015/08/22 1:34 a.m.35 views

Ruby on Rails: DoS Attack in Controller Lookup Code

Object leak vulnerability for wildcard controller routes in Action Pack There is an object leak vulnerability for wildcard controllers in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2015-7581. Versions Affected: = 4.0.0 and 5.0.0.beta1 Not affected: 4.0.0, 5.0.0.beta1...

5CVSS7.2AI score0.06535EPSS
Exploits0
Rows per page
Query Builder