EUVD-2017-0183

Malware in sbrugna...

SuSE Update for ruby openSUSE-SU-2013:0278-1 (ruby)

Check for the Version of ruby OpenVAS Vulnerability Test $Id: gbsuse201302781.nasl 8542 2018-01-26 06:57:28Z teissa $ SuSE Update for ruby openSUSE-SU-2013:0278-1 ruby Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is fre...

ruby on rails to 2.3.16 (important)

This update updates the RubyOnRails 2.3 stack to 2.3.16. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions w...

rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)

The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query...