Lucene search
+L

16 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.8 views

SUSE CVE-2021-22880

The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service REDoS vulnerability. Carefully crafted input can cause the input validation in the money type of the PostgreSQL adapter in Active Record to spend too much time in a regular...

5.3CVSS5.7AI score0.04434EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2021/11/14 12:0 a.m.33 views

openSUSE 15 Security Update : rubygem-activerecord-5_1 (openSUSE-SU-2021:1468-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1468-1 advisory. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service REDoS vulnerability...

7.5CVSS7.1AI score0.04434EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/11/13 12:0 a.m.20 views

openSUSE: Security Advisory for rubygem-activerecord-5_1 (openSUSE-SU-2021:1468-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.04434EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/11/12 12:0 a.m.44 views

Security update for rubygem-activerecord-5_1 (moderate)

openSUSE Security Update: Security update for rubygem-activerecord-51 Announcement ID: openSUSE-SU-2021:1468-1 Rating: moderate References: 1182169 Cross-References: CVE-2021-22880 CVSS scores: CVE-2021-22880 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-22880 SUSE: 5.3...

5.3CVSS7.5AI score0.04434EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/11/10 12:0 a.m.19 views

openSUSE: Security Advisory for rubygem-activerecord-5_1 (openSUSE-SU-2021:3634-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.6AI score0.04434EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/11/10 12:0 a.m.25 views

openSUSE 15 Security Update : rubygem-activerecord-5_1 (openSUSE-SU-2021:3634-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:3634-1 advisory. - The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service REDoS vulnerability...

7.5CVSS7.1AI score0.04434EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/11/10 12:0 a.m.26 views

SUSE SLES15 Security Update : rubygem-activerecord-5_1 (SUSE-SU-2021:3634-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:3634-1 advisory. - CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type bsc1182169. Tenable has extracted the preceding description block directly from th...

7.5CVSS6.8AI score0.04434EPSS
Exploits1References4
OSV
OSV
added 2021/11/09 9:51 a.m.8 views

OPENSUSE-SU-2021:3634-1 Security update for rubygem-activerecord-5_1

This update for rubygem-activerecord-51 fixes the following issues: - CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type bsc1182169...

7.5CVSS7.5AI score0.04434EPSS
Exploits1References3
Debian
Debian
added 2021/06/09 9:11 p.m.163 views

[SECURITY] [DSA 4929-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4929-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 09, 2021 https://www.debian.org/security/faq -...

7.5CVSS8.3AI score0.04808EPSS
Exploits3
OpenVAS
OpenVAS
added 2021/03/13 12:0 a.m.27 views

Fedora: Security Advisory for rubygem-activerecord (FEDORA-2021-b571fca1b8)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.9AI score
Exploits0References2
NCSC
NCSC
added 2021/02/23 12:0 a.m.4 views

Vulnerabilities fixed in Ruby on Rails

Vulnerabilities have been fixed in Ruby on Rails. The vulnerabilities allow a malicious party to cause a denial-of-service cause and redirect a user to a rogue web page. The Ruby on Rails developers have released updates to fix the vulnerabilities. More information can be found on the pages below...

7.5CVSS6.6AI score0.87301EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/02/18 12:0 a.m.38 views

FreeBSD : Rails -- multiple vulnerabilities (8e670b85-706e-11eb-abb2-08002728f74c)

Ruby on Rails blog : Rails version 5.2.4.5, 6.0.3.5 and 6.1.2.1 have been released! Those version are security releases and addresses two issues : CVE-2021-22880: Possible DoS Vulnerability in Active Record PostgreSQL adapter. CVE-2021-22881: Possible Open Redirect in Host Authorization Middlewar...

7.5CVSS7.2AI score0.87301EPSS
Exploits2References6
Circl
Circl
added 2021/02/11 8:42 p.m.22 views

CVE-2021-22880

creationtimestamp| type| source ---|---|--- 2021-02-11 20:42:50+00:00| seen| https://t.me/cibsecurity/23458...

7.5CVSS6.1AI score0.04434EPSS
Exploits1References1
CVE
CVE
added 2021/02/11 4:11 p.m.303 views

CVE-2021-22880

The CVE-2021-22880 vulnerability affects the Rails Active Record PostgreSQL adapter. It is a REDoS flaw in the money type input validation, exploitable in Rails apps using PostgreSQL money columns. It impacts Active Record versions prior to 6.1.2.1, 6.0.3.5, and 5.2.4.5. Remediation is to upgrade...

7.5CVSS7.1AI score0.04434EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2021/02/11 4:11 p.m.46 views

CVE-2021-22880

The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service REDoS vulnerability. Carefully crafted input can cause the input validation in the money type of the PostgreSQL adapter in Active Record to spend too much time in a regular...

7.5CVSS6.3AI score0.04434EPSS
Exploits1
RubySec
RubySec
added 2021/02/10 12:0 a.m.33 views

Possible DoS Vulnerability in Active Record PostgreSQL adapter

There is a possible DoS vulnerability in the PostgreSQL adapter in Active Record. This vulnerability has been assigned the CVE identifier CVE-2021-22880. Versions Affected: = 4.2.0 Not affected: 4.2.0 Fixed Versions: 6.1.2.1, 6.0.3.5, 5.2.4.5 Impact ------ Carefully crafted input can cause the...

7.5CVSS3AI score0.04434EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder