14 matches found
SUSE: Security Advisory (SUSE-SU-2016:1146-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ruby on Rails Action Pack DoS Vulnerability (Jan 2016) - Windows
Ruby on Rails is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SUSE-SU-2016:0858-1 Security update for rubygem-actionpack-4_1
This update for rubygem-actionpack-41 fixes the following issues: - CVE-2016-0751: Object Leak DoS bsc963331 - CVE-2015-7581: unbounded memory growth DoS via wildcard controller routes bsc963335 - CVE-2016-0752: directory traversal and information leak in Action View bsc963332 - CVE-2015-7576:...
Fedora 22 : rubygem-actionpack-4.2.0-3.fc22 / rubygem-activemodel-4.2.0-2.fc22 (2016-94e71ee673)
Security fix for CVE-2015-7581 CVE-2015-7576 CVE-2016-0751 CVE-2016-0752 CVE-2016-0753 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible withou...
Fedora 23 : rubygem-actionpack-4.2.3-4.fc23 (2016-f486068393)
Security fix for CVE-2015-7581 Security fix for CVE-2016-0751 Security fix for CVE-2015-7576 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora Update for rubygem-actionpack FEDORA-2016-94
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for rubygem-activemodel FEDORA-2016-94
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-7581
actionpack/lib/actiondispatch/routing/routeset.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service superfluous caching and memory consumption by leveraging an application's use of a wildcard controller route...
CVE-2015-7581
actionpack/lib/actiondispatch/routing/routeset.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service superfluous caching and memory consumption by leveraging an application's use of a wildcard controller route...
CVE-2015-7581
CVE-2015-7581 affects Ruby on Rails Action Pack (route_set.rb) in Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1. It allows remote attackers to cause a denial of service via superfluous caching/memory consumption when an application uses wildcard controllers. Documented in multiple sources...
CVE-2015-7581
actionpack/lib/actiondispatch/routing/routeset.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service superfluous caching and memory consumption by leveraging an application's use of a wildcard controller route...
Debian DSA-3464-1 : rails - security update
Multiple security issues have been discovered in the Ruby on Rails web application development framework, which may result in denial of service, cross-site scripting, information disclosure or bypass of input validation. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
Object leak vulnerability for wildcard controller routes in Action Pack
There is an object leak vulnerability for wildcard controllers in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2015-7581. Versions Affected: = 4.0.0 and 5.0.0.beta1 Not affected: 4.0.0, 5.0.0.beta1 and newer Fixed Versions: 4.2.5.1, 4.1.14.1 Impact ------ Users that ha...
Ruby on Rails: DoS Attack in Controller Lookup Code
Object leak vulnerability for wildcard controller routes in Action Pack There is an object leak vulnerability for wildcard controllers in Action Pack. This vulnerability has been assigned the CVE identifier CVE-2015-7581. Versions Affected: = 4.0.0 and 5.0.0.beta1 Not affected: 4.0.0, 5.0.0.beta1...