CVE-2016-2097: rubygem-actionview: Possible Information Leak
Vulnerability in Action View. (boo#968850)
CVE-2016-2098: rubygem-actionpack: Possible remote code execution
vulnerability in Action Pack (boo#968849)

OSVersionArchitecturePackageVersionFilename
openSUSE13.2x86_64rubygem-actionpack-3_2< 3.2.17-3.10.1rubygem-actionpack-3_2-3.2.17-3.10.1.x86_64.rpm
openSUSE13.2i586rubygem-actionpack-3_2< 3.2.17-3.10.1rubygem-actionpack-3_2-3.2.17-3.10.1.i586.rpm
openSUSE13.2x86_64rubygem-actionpack-3_2-doc< 3.2.17-3.10.1rubygem-actionpack-3_2-doc-3.2.17-3.10.1.x86_64.rpm
openSUSE13.2i586rubygem-actionpack-3_2-doc< 3.2.17-3.10.1rubygem-actionpack-3_2-doc-3.2.17-3.10.1.i586.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	13.2	x86_64	rubygem-actionpack-3_2	< 3.2.17-3.10.1	rubygem-actionpack-3_2-3.2.17-3.10.1.x86_64.rpm
openSUSE	13.2	i586	rubygem-actionpack-3_2	< 3.2.17-3.10.1	rubygem-actionpack-3_2-3.2.17-3.10.1.i586.rpm
openSUSE	13.2	x86_64	rubygem-actionpack-3_2-doc	< 3.2.17-3.10.1	rubygem-actionpack-3_2-doc-3.2.17-3.10.1.x86_64.rpm
openSUSE	13.2	i586	rubygem-actionpack-3_2-doc	< 3.2.17-3.10.1	rubygem-actionpack-3_2-doc-3.2.17-3.10.1.i586.rpm

References

bugzilla.suse.com/968849

bugzilla.suse.com/968850

nessus 7

suse 5

freebsd 1

openvas 12

ibm 1

redhat 3

debian 5

osv 4

fedora 4

zdt 1

ubuntucve 2

seebug 2

packetstorm 1

prion 2

cve 2

checkpoint_advisories 1

github 2

canvas 1

debiancve 2

gitlab 1

rubygems 3

hackerone 2

attackerkb 1

veracode 1

nessus

FreeBSD : rails -- multiple vulnerabilities (5a016dd0-8aa8-490e-a596-55f4cc17e4ef)

2016-03-07 00:00:00

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-2016-369)

2016-03-21 00:00:00

Debian DSA-3509-1 : rails - security update

2016-03-10 00:00:00

suse

Security update for rubygem-actionpack-3_2 (important)

2016-04-07 13:08:19

Security update for rubygem-actionview-4_1 (important)

2016-03-22 18:08:06

Security update for rubygem-actionview-4_2 (important)

2016-03-23 19:08:52

freebsd

rails -- multiple vulnerabilities

2016-02-29 00:00:00

openvas

openSUSE: Security Advisory for rubygem-actionpack-3_2 (openSUSE-SU-2016:0835-1)

2016-03-20 00:00:00

Debian Security Advisory DSA 3509-1 (rails - security update)

2016-03-09 00:00:00

Debian: Security Advisory (DSA-3509-1)

2016-03-08 00:00:00

ibm

Security Bulletin: Vulnerabilities in Ruby on Rails affect IBM License Metric Tool v9 and IBM BigFix Inventory v9 (CVE-2016-2098 CVE-2016-2097)

2022-08-19 21:04:31

redhat

(RHSA-2016:0456) Important: rh-ror41 security update

2016-03-15 00:00:00

(RHSA-2016:0455) Important: ruby193 security update

2016-03-15 00:00:00

(RHSA-2016:0454) Important: ror40 security update

2016-03-15 00:00:00

debian

[SECURITY] [DSA 3509-1] rails security update

2016-03-09 17:48:46

[SECURITY] [DSA 3509-1] rails security update

2016-03-09 17:13:24

[SECURITY] [DSA 3509-1] rails security update

2016-03-09 17:48:46

osv

rails - security update

2016-03-09 00:00:00

actionpack allows remote code execution via application's unrestricted use of render method

2017-10-24 18:33:35

ruby-actionpack-3.2 - security update

2016-08-28 00:00:00

fedora

[SECURITY] Fedora 22 Update: rubygem-actionview-4.2.0-5.fc22

2016-03-17 21:23:47

[SECURITY] Fedora 23 Update: rubygem-actionpack-4.2.3-5.fc23

2016-03-17 20:58:04

[SECURITY] Fedora 22 Update: rubygem-actionpack-4.2.0-4.fc22

2016-03-17 21:23:47

zdt

Ruby on Rails ActionPack Inline ERB - Code Execution (Metasploit)

2016-07-11 00:00:00

ubuntucve

CVE-2016-2098

2016-04-07 00:00:00

CVE-2016-2097

2016-04-07 00:00:00

seebug

Ruby on Rails Action Pack远程代码执行漏洞

2016-03-17 00:00:00

Ruby on Rails Action View 信息泄漏

2016-03-17 00:00:00

packetstorm

Ruby On Rails ActionPack Inline ERB Code Execution

2016-07-09 00:00:00

prion

Design/Logic Flaw

2016-04-07 23:59:00

Directory traversal

2016-04-07 23:59:00

cve

CVE-2016-2098

2016-04-07 23:59:00

CVE-2016-2097

2016-04-07 23:59:00

checkpoint_advisories

Ruby on Rails Remote Code Execution (CVE-2016-2098)

2016-07-19 00:00:00

github

actionpack allows remote code execution via application's unrestricted use of render method

2017-10-24 18:33:35

actionview contains Path Traversal vulnerability

2017-10-24 18:33:35

canvas

Immunity Canvas: RAILS_ACTIONPACK_RENDER

2016-04-07 23:59:00

debiancve

CVE-2016-2098

2016-04-07 23:59:00

CVE-2016-2097

2016-04-07 23:59:00

gitlab

Possible Information Leak Vulnerability

2016-04-07 00:00:00

rubygems

Possible remote code execution vulnerability in Action Pack

2016-02-28 21:00:00

Possible Information Leak Vulnerability in Action View

2016-02-28 21:00:00

Possible Information Leak Vulnerability in Action View

2016-02-28 21:00:00

hackerone

Ruby on Rails: Remote code execution using render :inline

2016-02-01 19:18:59

Ruby on Rails: Regarding [CVE-2016-0752] Possible Information Leak Vulnerability in Action View

2016-02-01 10:00:34

attackerkb

CVE-2016-2097

2016-04-07 00:00:00

veracode

Directory Traversal And Information Disclosure

2019-01-15 09:10:39

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.943 High

EPSS

Percentile

99.0%

JSON

Related for OPENSUSE-SU-2016:0835-1