Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-0751 (GCVE-0-2016-0751)
Vulnerability from cvelistv5 – Published: 2016-02-16 02:00 – Updated: 2024-08-05 22:30
VLAI?
EPSS
Summary
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-updates/2016-0… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-updates/2016-0… | vendor-advisoryx_refsource_SUSE |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://groups.google.com/forum/message/raw?msg=r… | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/81800 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1034816 | vdb-entryx_refsource_SECTRACK |
| http://www.openwall.com/lists/oss-security/2016/01/25/9 | mailing-listx_refsource_MLIST |
| http://www.debian.org/security/2016/dsa-3464 | vendor-advisoryx_refsource_DEBIAN |
| http://rhn.redhat.com/errata/RHSA-2016-0296.html | vendor-advisoryx_refsource_REDHAT |
Date Public ?
2016-01-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:30:03.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:0372",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"name": "openSUSE-SU-2016:0363",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"name": "FEDORA-2016-94e71ee673",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"name": "[ruby-security-ann] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
},
{
"name": "FEDORA-2016-f486068393",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"name": "SUSE-SU-2016:1146",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"name": "81800",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/81800"
},
{
"name": "1034816",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034816"
},
{
"name": "[oss-security] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
},
{
"name": "DSA-3464",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"name": "RHSA-2016:0296",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-09T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2016:0372",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"name": "openSUSE-SU-2016:0363",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"name": "FEDORA-2016-94e71ee673",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"name": "[ruby-security-ann] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
},
{
"name": "FEDORA-2016-f486068393",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"name": "SUSE-SU-2016:1146",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"name": "81800",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/81800"
},
{
"name": "1034816",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034816"
},
{
"name": "[oss-security] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
},
{
"name": "DSA-3464",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"name": "RHSA-2016:0296",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-0751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:0372",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"name": "openSUSE-SU-2016:0363",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"name": "FEDORA-2016-94e71ee673",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"name": "[ruby-security-ann] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
},
{
"name": "FEDORA-2016-f486068393",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"name": "SUSE-SU-2016:1146",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"name": "81800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81800"
},
{
"name": "1034816",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034816"
},
{
"name": "[oss-security] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
},
{
"name": "DSA-3464",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"name": "RHSA-2016:0296",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-0751",
"datePublished": "2016-02-16T02:00:00.000Z",
"dateReserved": "2015-12-16T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:30:03.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-0751",
"date": "2026-05-20",
"epss": "0.06145",
"percentile": "0.90914"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E950E33-CD03-45F5-83F9-F106060B4A8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"547C62C8-4B3E-431B-AA73-5C42ED884671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CDAD329-35F7-4C82-8019-A0CF6D069059\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"56D3858B-0FEE-4E8D-83C2-68AF0431F478\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"254884EE-EBA4-45D0-9704-B5CB22569668\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"35FC7015-267C-403B-A23D-EDA6223D2104\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C913A56-959D-44F1-BD89-D246C66D1F09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D5BA926-38EE-47BE-9D16-FDCF360A503B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"18EA25F1-279A-4F1A-883D-C064369F592E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD794856-6F30-4ABF-8AE4-720BB75E6F89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4199B8B-A6F9-4BFD-8D27-0E663D8C579D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F11E76A3-FA5B-4038-AB52-3D7D5E54D8A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"767C481D-6616-4CA9-9A9B-C994D9121796\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5496953-0C5E-45F8-A7FB-240CEC2CCEB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA46B621-125E-497F-B2DE-91C989B25936\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3239443-2E19-4540-BA0C-05A27E44CB6C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"104AC9CF-6611-4469-9852-7FDAF4EC7638\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC9E1864-B1E5-42C3-B4AF-9A002916B66D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31AC91AA-6A9A-43B4-B3E9-A66A34B6E612\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A462C151-982E-4A83-A376-025015F40645\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"660C2AD2-CEC8-4391-84AF-27515A88B29E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.0.10:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"578CC013-776B-4868-B448-B7ACAF3AF832\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"C310EA3E-399A-48FD-8DE9-6950E328CF23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"293B2998-5169-4960-BEC4-21DAC837E32B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAB8D57F-9849-428C-B8E9-D0A1020728BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0359DA8-6B41-46C5-AA95-41B1B366DD4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0965BDB6-9644-465C-AA32-9278B2D53197\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6B15CF-37C1-4C9B-8457-4A8C9A480188\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"072EB16D-1325-4869-B156-65E786A834C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"847B3C3D-8656-404D-A954-09C159EDC8E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65CA2D50-B33C-4088-BDDF-EB964C9A092C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CADB5989-5260-4F60-ACF2-BEB6D7F97654\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"509597D0-22E1-4BE8-95AD-C54FE4D15FA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"539C550D-FEDD-415E-95AE-40E1AE2BAF1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59C5B869-74FC-4051-A103-A721332B3CF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C31EBD2-CD2D-4D38-AA51-A5A56487939A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33FBD4E4-0BCD-49E1-BA84-86621B7C4556\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83D1EB17-EE67-48E5-B637-AA9A75D397F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2B1711A-5541-412C-A5A0-274CEAB9E387\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"709A19A5-8FD1-4F9C-A38C-F06242A94D68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8104482C-E8F5-40A7-8B27-234FEF725FD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CFF8677-EA00-4F7E-BFF9-272482206DB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D7DF5CD-DA28-492D-B5EE-D252ECCC8D96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"85435026-9855-4BF4-A436-832628B005FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"56C2308F-A590-47B0-9791-7865D189196F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A266882-DABA-4A4C-88E6-60E993EE0947\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83F1142C-3BFB-4B72-A033-81E20DB19D02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FA738A1-227B-4665-B65E-666883FFAE96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F00718C-A9E8-4E85-8DA6-33BF11F2DCCE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"10789A2D-6401-4119-BFBE-2EE4C16216D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"70ABD462-7142-4831-8EB6-801EC1D05573\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81D717DB-7C80-48AA-A774-E291D2E75D6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06B357FB-0307-4EFA-9C5B-3C2CDEA48584\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4BD8840-0F1C-49D3-B843-9CFE64948018\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79D5B492-43F9-470F-BD21-6EFD93E78453\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EC1F602-D48C-458A-A063-4050BE3BB25F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6A1C015-56AD-489C-B301-68CF1DBF1BEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD191625-ACE2-46B6-9AAD-12D682C732C2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"02C7DB56-267B-4057-A9BA-36D1E58C6282\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF8F94CF-D504-4165-A69E-3F1198CB162A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.2.22\", \"matchCriteriaId\": \"4C068362-0D49-4117-BC96-780AA802CE4E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.10:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C8E749B-2908-442A-99F0-91E2772336ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E43D2D7-89AE-4805-9732-F1C601D8D8B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F3D8911-060D-435D-ACA2-E29271170CAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA7A4939-16CF-450D-846A-75B231E32D61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C964D4A2-3F39-4CC7-A028-B42C94DDB56F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B54D9FE-0A38-4053-9F3C-8831E2DD2BF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23FD6D82-9A14-4BD4-AA00-1875F0962ACE\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.\"}, {\"lang\": \"es\", \"value\": \"actionpack/lib/action_dispatch/http/mime_type.rb en Action Pack en Ruby on Rails en versiones anteriores a 3.2.22.1, 4.0.x y 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 no restringe adecuadamente el uso de la cach\\u00e9 de tipo MIME, lo que permite a atacantes remotos causar una denegaci\\u00f3n de servicio (consumo de memoria) a trav\\u00e9s de una cabecera HTTP Accept manipulada.\"}]",
"id": "CVE-2016-0751",
"lastModified": "2024-11-21T02:42:18.350",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false}]}",
"published": "2016-02-16T02:59:05.877",
"references": "[{\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0296.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3464\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/01/25/9\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/81800\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securitytracker.com/id/1034816\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0296.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3464\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/01/25/9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/81800\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1034816\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-0751\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-02-16T02:59:05.877\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.\"},{\"lang\":\"es\",\"value\":\"actionpack/lib/action_dispatch/http/mime_type.rb en Action Pack en Ruby on Rails en versiones anteriores a 3.2.22.1, 4.0.x y 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 no restringe adecuadamente el uso de la cach\u00e9 de tipo MIME, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de una cabecera HTTP Accept manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E950E33-CD03-45F5-83F9-F106060B4A8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"547C62C8-4B3E-431B-AA73-5C42ED884671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDAD329-35F7-4C82-8019-A0CF6D069059\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"56D3858B-0FEE-4E8D-83C2-68AF0431F478\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"254884EE-EBA4-45D0-9704-B5CB22569668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"35FC7015-267C-403B-A23D-EDA6223D2104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C913A56-959D-44F1-BD89-D246C66D1F09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D5BA926-38EE-47BE-9D16-FDCF360A503B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"18EA25F1-279A-4F1A-883D-C064369F592E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD794856-6F30-4ABF-8AE4-720BB75E6F89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4199B8B-A6F9-4BFD-8D27-0E663D8C579D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F11E76A3-FA5B-4038-AB52-3D7D5E54D8A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"767C481D-6616-4CA9-9A9B-C994D9121796\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5496953-0C5E-45F8-A7FB-240CEC2CCEB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA46B621-125E-497F-B2DE-91C989B25936\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3239443-2E19-4540-BA0C-05A27E44CB6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"104AC9CF-6611-4469-9852-7FDAF4EC7638\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC9E1864-B1E5-42C3-B4AF-9A002916B66D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AC91AA-6A9A-43B4-B3E9-A66A34B6E612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A462C151-982E-4A83-A376-025015F40645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"660C2AD2-CEC8-4391-84AF-27515A88B29E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.0.10:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"578CC013-776B-4868-B448-B7ACAF3AF832\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C310EA3E-399A-48FD-8DE9-6950E328CF23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"293B2998-5169-4960-BEC4-21DAC837E32B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAB8D57F-9849-428C-B8E9-D0A1020728BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0359DA8-6B41-46C5-AA95-41B1B366DD4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0965BDB6-9644-465C-AA32-9278B2D53197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6B15CF-37C1-4C9B-8457-4A8C9A480188\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"072EB16D-1325-4869-B156-65E786A834C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"847B3C3D-8656-404D-A954-09C159EDC8E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65CA2D50-B33C-4088-BDDF-EB964C9A092C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CADB5989-5260-4F60-ACF2-BEB6D7F97654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"509597D0-22E1-4BE8-95AD-C54FE4D15FA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"539C550D-FEDD-415E-95AE-40E1AE2BAF1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59C5B869-74FC-4051-A103-A721332B3CF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C31EBD2-CD2D-4D38-AA51-A5A56487939A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33FBD4E4-0BCD-49E1-BA84-86621B7C4556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83D1EB17-EE67-48E5-B637-AA9A75D397F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2B1711A-5541-412C-A5A0-274CEAB9E387\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"709A19A5-8FD1-4F9C-A38C-F06242A94D68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8104482C-E8F5-40A7-8B27-234FEF725FD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CFF8677-EA00-4F7E-BFF9-272482206DB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D7DF5CD-DA28-492D-B5EE-D252ECCC8D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"85435026-9855-4BF4-A436-832628B005FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"56C2308F-A590-47B0-9791-7865D189196F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A266882-DABA-4A4C-88E6-60E993EE0947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83F1142C-3BFB-4B72-A033-81E20DB19D02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FA738A1-227B-4665-B65E-666883FFAE96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F00718C-A9E8-4E85-8DA6-33BF11F2DCCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"10789A2D-6401-4119-BFBE-2EE4C16216D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"70ABD462-7142-4831-8EB6-801EC1D05573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81D717DB-7C80-48AA-A774-E291D2E75D6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06B357FB-0307-4EFA-9C5B-3C2CDEA48584\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4BD8840-0F1C-49D3-B843-9CFE64948018\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79D5B492-43F9-470F-BD21-6EFD93E78453\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EC1F602-D48C-458A-A063-4050BE3BB25F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6A1C015-56AD-489C-B301-68CF1DBF1BEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD191625-ACE2-46B6-9AAD-12D682C732C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C7DB56-267B-4057-A9BA-36D1E58C6282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF8F94CF-D504-4165-A69E-3F1198CB162A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.2.22\",\"matchCriteriaId\":\"4C068362-0D49-4117-BC96-780AA802CE4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.10:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C8E749B-2908-442A-99F0-91E2772336ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E43D2D7-89AE-4805-9732-F1C601D8D8B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F3D8911-060D-435D-ACA2-E29271170CAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA7A4939-16CF-450D-846A-75B231E32D61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C964D4A2-3F39-4CC7-A028-B42C94DDB56F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B54D9FE-0A38-4053-9F3C-8831E2DD2BF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23FD6D82-9A14-4BD4-AA00-1875F0962ACE\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0296.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3464\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/01/25/9\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/81800\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1034816\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0296.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3464\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/01/25/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/81800\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1034816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2016-AVI-037
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Ruby On Rails. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 4.1.x antérieures à 4.1.14.1 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 4.2.x antérieures à 4.2.5.1 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 5.0.x antérieures à 5.0.0.beta1.1 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 3.2.x antérieures à 3.2.22.1 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ruby on Rails versions 4.1.x ant\u00e9rieures \u00e0 4.1.14.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions 4.2.x ant\u00e9rieures \u00e0 4.2.5.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions 5.0.x ant\u00e9rieures \u00e0 5.0.0.beta1.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions 3.2.x ant\u00e9rieures \u00e0 3.2.22.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-0752",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0752"
},
{
"name": "CVE-2016-0753",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0753"
},
{
"name": "CVE-2015-7578",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7578"
},
{
"name": "CVE-2015-7581",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7581"
},
{
"name": "CVE-2015-7579",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7579"
},
{
"name": "CVE-2016-0751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0751"
},
{
"name": "CVE-2015-7576",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7576"
},
{
"name": "CVE-2015-7577",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7577"
}
],
"links": [
{
"title": "Ruby On Rails groups.google.com",
"url": "https://groups.google.com/forum/?_escaped_fragment_=forum/rubyonrails-security#!forum/rubyonrails-security"
}
],
"reference": "CERTFR-2016-AVI-037",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-01-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eRuby On Rails\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, un\ncontournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Ruby On Rails",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby On Rails du 25 janvier 2016",
"url": "http://weblog.rubyonrails.org/"
}
]
}
CERTFR-2017-AVI-092
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | watchOS versions antérieures à 3.2 | ||
| Apple | N/A | iOS versions antérieures à 10.3 | ||
| Apple | N/A | Pages versions antérieures à 3.1, Numbers versions antérieures à 3.1 et Keynote versions antérieures à 3.1 pour iOS | ||
| Apple | macOS | macOS Yosemite sans le Security Update 2017-001 | ||
| Apple | macOS | macOS Server versions antérieures à 5.3 | ||
| Apple | macOS | macOS Sierra versions antérieures à 10.12.4 | ||
| Apple | macOS | macOS El Capitan sans le Security Update 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 10.2 | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 6.2 | ||
| Apple | Safari | Safari versions antérieures à 10.1 | ||
| Apple | N/A | Pages versions antérieures à 6.1, Numbers versions antérieures à 4.1 et Keynote versions antérieures à 7.1 pour Mac |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "watchOS versions ant\u00e9rieures \u00e0 3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 10.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Pages versions ant\u00e9rieures \u00e0 3.1, Numbers versions ant\u00e9rieures \u00e0 3.1 et Keynote versions ant\u00e9rieures \u00e0 3.1 pour iOS",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Yosemite sans le Security Update 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Server versions ant\u00e9rieures \u00e0 5.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions ant\u00e9rieures \u00e0 10.12.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le Security Update 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 10.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 10.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Pages versions ant\u00e9rieures \u00e0 6.1, Numbers versions ant\u00e9rieures \u00e0 4.1 et Keynote versions ant\u00e9rieures \u00e0 7.1 pour Mac",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2455"
},
{
"name": "CVE-2016-7922",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7922"
},
{
"name": "CVE-2016-7936",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7936"
},
{
"name": "CVE-2017-2464",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2464"
},
{
"name": "CVE-2017-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2397"
},
{
"name": "CVE-2017-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2414"
},
{
"name": "CVE-2017-2404",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2404"
},
{
"name": "CVE-2017-2376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2376"
},
{
"name": "CVE-2017-6974",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6974"
},
{
"name": "CVE-2017-5203",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5203"
},
{
"name": "CVE-2016-7933",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7933"
},
{
"name": "CVE-2016-0736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0736"
},
{
"name": "CVE-2017-5204",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5204"
},
{
"name": "CVE-2017-2400",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2400"
},
{
"name": "CVE-2017-5484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5484"
},
{
"name": "CVE-2017-2413",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2413"
},
{
"name": "CVE-2017-2391",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2391"
},
{
"name": "CVE-2017-2420",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2420"
},
{
"name": "CVE-2017-2446",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2446"
},
{
"name": "CVE-2016-7993",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7993"
},
{
"name": "CVE-2016-7932",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7932"
},
{
"name": "CVE-2017-2431",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2431"
},
{
"name": "CVE-2017-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2367"
},
{
"name": "CVE-2016-7973",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7973"
},
{
"name": "CVE-2016-8575",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8575"
},
{
"name": "CVE-2017-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2418"
},
{
"name": "CVE-2017-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2412"
},
{
"name": "CVE-2017-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2426"
},
{
"name": "CVE-2017-2448",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2448"
},
{
"name": "CVE-2017-2462",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2462"
},
{
"name": "CVE-2016-9540",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9540"
},
{
"name": "CVE-2017-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2452"
},
{
"name": "CVE-2017-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2437"
},
{
"name": "CVE-2017-2423",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2423"
},
{
"name": "CVE-2017-2472",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2472"
},
{
"name": "CVE-2016-9643",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9643"
},
{
"name": "CVE-2016-1001",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1001"
},
{
"name": "CVE-2016-8574",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8574"
},
{
"name": "CVE-2017-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2453"
},
{
"name": "CVE-2017-2487",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2487"
},
{
"name": "CVE-2017-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
},
{
"name": "CVE-2017-2396",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2396"
},
{
"name": "CVE-2017-2475",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2475"
},
{
"name": "CVE-2017-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2481"
},
{
"name": "CVE-2017-5483",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5483"
},
{
"name": "CVE-2017-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2440"
},
{
"name": "CVE-2017-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2479"
},
{
"name": "CVE-2017-2468",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2468"
},
{
"name": "CVE-2017-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2388"
},
{
"name": "CVE-2016-1015",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1015"
},
{
"name": "CVE-2017-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2458"
},
{
"name": "CVE-2017-2471",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2471"
},
{
"name": "CVE-2016-7975",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7975"
},
{
"name": "CVE-2016-7986",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7986"
},
{
"name": "CVE-2017-2406",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2406"
},
{
"name": "CVE-2017-5485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5485"
},
{
"name": "CVE-2017-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2441"
},
{
"name": "CVE-2016-5636",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5636"
},
{
"name": "CVE-2017-2443",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2443"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2016-7934",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7934"
},
{
"name": "CVE-2017-2463",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2463"
},
{
"name": "CVE-2017-2392",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2392"
},
{
"name": "CVE-2016-9533",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9533"
},
{
"name": "CVE-2017-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2428"
},
{
"name": "CVE-2016-7928",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7928"
},
{
"name": "CVE-2017-2439",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2439"
},
{
"name": "CVE-2017-2408",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2408"
},
{
"name": "CVE-2017-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2390"
},
{
"name": "CVE-2016-0751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0751"
},
{
"name": "CVE-2017-2449",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2449"
},
{
"name": "CVE-2016-7927",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7927"
},
{
"name": "CVE-2017-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2383"
},
{
"name": "CVE-2017-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2483"
},
{
"name": "CVE-2007-6750",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6750"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2016-9536",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9536"
},
{
"name": "CVE-2017-2486",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2486"
},
{
"name": "CVE-2017-2465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2465"
},
{
"name": "CVE-2017-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2422"
},
{
"name": "CVE-2016-7974",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7974"
},
{
"name": "CVE-2017-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2425"
},
{
"name": "CVE-2017-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5341"
},
{
"name": "CVE-2017-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2399"
},
{
"name": "CVE-2017-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2389"
},
{
"name": "CVE-2017-2485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2485"
},
{
"name": "CVE-2016-7935",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7935"
},
{
"name": "CVE-2017-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2478"
},
{
"name": "CVE-2017-2467",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2467"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-2435",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2435"
},
{
"name": "CVE-2016-9537",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9537"
},
{
"name": "CVE-2017-2407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2407"
},
{
"name": "CVE-2017-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2385"
},
{
"name": "CVE-2017-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2424"
},
{
"name": "CVE-2017-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2436"
},
{
"name": "CVE-2017-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2454"
},
{
"name": "CVE-2016-7984",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7984"
},
{
"name": "CVE-2016-7585",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7585"
},
{
"name": "CVE-2016-9935",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9935"
},
{
"name": "CVE-2016-7931",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7931"
},
{
"name": "CVE-2017-2378",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2378"
},
{
"name": "CVE-2016-7939",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7939"
},
{
"name": "CVE-2017-2377",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2377"
},
{
"name": "CVE-2017-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2402"
},
{
"name": "CVE-2017-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2427"
},
{
"name": "CVE-2017-2473",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2473"
},
{
"name": "CVE-2017-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2398"
},
{
"name": "CVE-2017-2469",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2469"
},
{
"name": "CVE-2016-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3619"
},
{
"name": "CVE-2017-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2459"
},
{
"name": "CVE-2017-2386",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2386"
},
{
"name": "CVE-2017-2401",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2401"
},
{
"name": "CVE-2016-7923",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7923"
},
{
"name": "CVE-2017-2419",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2419"
},
{
"name": "CVE-2017-2474",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2474"
},
{
"name": "CVE-2016-7985",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7985"
},
{
"name": "CVE-2016-9539",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9539"
},
{
"name": "CVE-2017-2409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2409"
},
{
"name": "CVE-2016-7992",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7992"
},
{
"name": "CVE-2017-2380",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2380"
},
{
"name": "CVE-2017-2484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2484"
},
{
"name": "CVE-2017-2466",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2466"
},
{
"name": "CVE-2017-2393",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2393"
},
{
"name": "CVE-2017-2395",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2395"
},
{
"name": "CVE-2017-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2445"
},
{
"name": "CVE-2016-7929",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7929"
},
{
"name": "CVE-2017-2442",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2442"
},
{
"name": "CVE-2017-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2416"
},
{
"name": "CVE-2017-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2444"
},
{
"name": "CVE-2017-2364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2364"
},
{
"name": "CVE-2017-5342",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5342"
},
{
"name": "CVE-2017-2415",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2415"
},
{
"name": "CVE-2017-2379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2379"
},
{
"name": "CVE-2017-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2457"
},
{
"name": "CVE-2017-2434",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2434"
},
{
"name": "CVE-2017-2382",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2382"
},
{
"name": "CVE-2017-2381",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2381"
},
{
"name": "CVE-2017-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2410"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-2421",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2421"
},
{
"name": "CVE-2017-5205",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5205"
},
{
"name": "CVE-2016-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7940"
},
{
"name": "CVE-2017-2438",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2438"
},
{
"name": "CVE-2017-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2460"
},
{
"name": "CVE-2017-5482",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5482"
},
{
"name": "CVE-2016-7926",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7926"
},
{
"name": "CVE-2017-2403",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2403"
},
{
"name": "CVE-2017-2461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2461"
},
{
"name": "CVE-2017-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2384"
},
{
"name": "CVE-2017-5486",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5486"
},
{
"name": "CVE-2016-7937",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7937"
},
{
"name": "CVE-2016-7983",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7983"
},
{
"name": "CVE-2016-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1016"
},
{
"name": "CVE-2016-9642",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9642"
},
{
"name": "CVE-2016-7925",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7925"
},
{
"name": "CVE-2017-2405",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2405"
},
{
"name": "CVE-2017-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2417"
},
{
"name": "CVE-2017-2447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2447"
},
{
"name": "CVE-2017-2482",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2482"
},
{
"name": "CVE-2017-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2451"
},
{
"name": "CVE-2017-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2430"
},
{
"name": "CVE-2016-7930",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7930"
},
{
"name": "CVE-2017-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2456"
},
{
"name": "CVE-2016-7056",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
},
{
"name": "CVE-2017-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2432"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-2470",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2470"
},
{
"name": "CVE-2016-9538",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9538"
},
{
"name": "CVE-2017-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2476"
},
{
"name": "CVE-2016-7938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7938"
},
{
"name": "CVE-2017-5202",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5202"
},
{
"name": "CVE-2016-1000",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000"
},
{
"name": "CVE-2017-2433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2433"
},
{
"name": "CVE-2017-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2450"
},
{
"name": "CVE-2017-2480",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2480"
},
{
"name": "CVE-2016-9535",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9535"
},
{
"name": "CVE-2016-7924",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7924"
},
{
"name": "CVE-2017-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2429"
},
{
"name": "CVE-2017-2394",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2394"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-092",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-03-28T00:00:00.000000"
},
{
"description": "ajout des informations li\u00e9es au bulletin de s\u00e9curit\u00e9 HT207607.",
"revision_date": "2017-03-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nun d\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207604 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207604"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207607 du 28 mars 2017",
"url": "https://support.apple.com/en-us/HT207607"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207615 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207615"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207602 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207600 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207595 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207595"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207601 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207617 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207617"
}
]
}
CERTFR-2016-AVI-037
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Ruby On Rails. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 4.1.x antérieures à 4.1.14.1 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 4.2.x antérieures à 4.2.5.1 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 5.0.x antérieures à 5.0.0.beta1.1 | ||
| Ruby on Rails | Ruby on Rails | Ruby on Rails versions 3.2.x antérieures à 3.2.22.1 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ruby on Rails versions 4.1.x ant\u00e9rieures \u00e0 4.1.14.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions 4.2.x ant\u00e9rieures \u00e0 4.2.5.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions 5.0.x ant\u00e9rieures \u00e0 5.0.0.beta1.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
},
{
"description": "Ruby on Rails versions 3.2.x ant\u00e9rieures \u00e0 3.2.22.1",
"product": {
"name": "Ruby on Rails",
"vendor": {
"name": "Ruby on Rails",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-0752",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0752"
},
{
"name": "CVE-2016-0753",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0753"
},
{
"name": "CVE-2015-7578",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7578"
},
{
"name": "CVE-2015-7581",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7581"
},
{
"name": "CVE-2015-7579",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7579"
},
{
"name": "CVE-2016-0751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0751"
},
{
"name": "CVE-2015-7576",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7576"
},
{
"name": "CVE-2015-7577",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7577"
}
],
"links": [
{
"title": "Ruby On Rails groups.google.com",
"url": "https://groups.google.com/forum/?_escaped_fragment_=forum/rubyonrails-security#!forum/rubyonrails-security"
}
],
"reference": "CERTFR-2016-AVI-037",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-01-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eRuby On Rails\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, un\ncontournement de la politique de s\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Ruby On Rails",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ruby On Rails du 25 janvier 2016",
"url": "http://weblog.rubyonrails.org/"
}
]
}
CERTFR-2017-AVI-092
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | watchOS versions antérieures à 3.2 | ||
| Apple | N/A | iOS versions antérieures à 10.3 | ||
| Apple | N/A | Pages versions antérieures à 3.1, Numbers versions antérieures à 3.1 et Keynote versions antérieures à 3.1 pour iOS | ||
| Apple | macOS | macOS Yosemite sans le Security Update 2017-001 | ||
| Apple | macOS | macOS Server versions antérieures à 5.3 | ||
| Apple | macOS | macOS Sierra versions antérieures à 10.12.4 | ||
| Apple | macOS | macOS El Capitan sans le Security Update 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 10.2 | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 6.2 | ||
| Apple | Safari | Safari versions antérieures à 10.1 | ||
| Apple | N/A | Pages versions antérieures à 6.1, Numbers versions antérieures à 4.1 et Keynote versions antérieures à 7.1 pour Mac |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "watchOS versions ant\u00e9rieures \u00e0 3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 10.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Pages versions ant\u00e9rieures \u00e0 3.1, Numbers versions ant\u00e9rieures \u00e0 3.1 et Keynote versions ant\u00e9rieures \u00e0 3.1 pour iOS",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Yosemite sans le Security Update 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Server versions ant\u00e9rieures \u00e0 5.3",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions ant\u00e9rieures \u00e0 10.12.4",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le Security Update 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 10.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 10.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Pages versions ant\u00e9rieures \u00e0 6.1, Numbers versions ant\u00e9rieures \u00e0 4.1 et Keynote versions ant\u00e9rieures \u00e0 7.1 pour Mac",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2455"
},
{
"name": "CVE-2016-7922",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7922"
},
{
"name": "CVE-2016-7936",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7936"
},
{
"name": "CVE-2017-2464",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2464"
},
{
"name": "CVE-2017-2397",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2397"
},
{
"name": "CVE-2017-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2414"
},
{
"name": "CVE-2017-2404",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2404"
},
{
"name": "CVE-2017-2376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2376"
},
{
"name": "CVE-2017-6974",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6974"
},
{
"name": "CVE-2017-5203",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5203"
},
{
"name": "CVE-2016-7933",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7933"
},
{
"name": "CVE-2016-0736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0736"
},
{
"name": "CVE-2017-5204",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5204"
},
{
"name": "CVE-2017-2400",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2400"
},
{
"name": "CVE-2017-5484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5484"
},
{
"name": "CVE-2017-2413",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2413"
},
{
"name": "CVE-2017-2391",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2391"
},
{
"name": "CVE-2017-2420",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2420"
},
{
"name": "CVE-2017-2446",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2446"
},
{
"name": "CVE-2016-7993",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7993"
},
{
"name": "CVE-2016-7932",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7932"
},
{
"name": "CVE-2017-2431",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2431"
},
{
"name": "CVE-2017-2367",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2367"
},
{
"name": "CVE-2016-7973",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7973"
},
{
"name": "CVE-2016-8575",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8575"
},
{
"name": "CVE-2017-2418",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2418"
},
{
"name": "CVE-2017-2412",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2412"
},
{
"name": "CVE-2017-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2426"
},
{
"name": "CVE-2017-2448",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2448"
},
{
"name": "CVE-2017-2462",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2462"
},
{
"name": "CVE-2016-9540",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9540"
},
{
"name": "CVE-2017-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2452"
},
{
"name": "CVE-2017-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2437"
},
{
"name": "CVE-2017-2423",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2423"
},
{
"name": "CVE-2017-2472",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2472"
},
{
"name": "CVE-2016-9643",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9643"
},
{
"name": "CVE-2016-1001",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1001"
},
{
"name": "CVE-2016-8574",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8574"
},
{
"name": "CVE-2017-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2453"
},
{
"name": "CVE-2017-2487",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2487"
},
{
"name": "CVE-2017-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5029"
},
{
"name": "CVE-2017-2396",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2396"
},
{
"name": "CVE-2017-2475",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2475"
},
{
"name": "CVE-2017-2481",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2481"
},
{
"name": "CVE-2017-5483",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5483"
},
{
"name": "CVE-2017-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2440"
},
{
"name": "CVE-2017-2479",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2479"
},
{
"name": "CVE-2017-2468",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2468"
},
{
"name": "CVE-2017-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2388"
},
{
"name": "CVE-2016-1015",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1015"
},
{
"name": "CVE-2017-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2458"
},
{
"name": "CVE-2017-2471",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2471"
},
{
"name": "CVE-2016-7975",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7975"
},
{
"name": "CVE-2016-7986",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7986"
},
{
"name": "CVE-2017-2406",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2406"
},
{
"name": "CVE-2017-5485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5485"
},
{
"name": "CVE-2017-2441",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2441"
},
{
"name": "CVE-2016-5636",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5636"
},
{
"name": "CVE-2017-2443",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2443"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2016-7934",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7934"
},
{
"name": "CVE-2017-2463",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2463"
},
{
"name": "CVE-2017-2392",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2392"
},
{
"name": "CVE-2016-9533",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9533"
},
{
"name": "CVE-2017-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2428"
},
{
"name": "CVE-2016-7928",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7928"
},
{
"name": "CVE-2017-2439",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2439"
},
{
"name": "CVE-2017-2408",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2408"
},
{
"name": "CVE-2017-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2390"
},
{
"name": "CVE-2016-0751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0751"
},
{
"name": "CVE-2017-2449",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2449"
},
{
"name": "CVE-2016-7927",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7927"
},
{
"name": "CVE-2017-2383",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2383"
},
{
"name": "CVE-2017-2483",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2483"
},
{
"name": "CVE-2007-6750",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6750"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2016-9536",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9536"
},
{
"name": "CVE-2017-2486",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2486"
},
{
"name": "CVE-2017-2465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2465"
},
{
"name": "CVE-2017-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2422"
},
{
"name": "CVE-2016-7974",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7974"
},
{
"name": "CVE-2017-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2425"
},
{
"name": "CVE-2017-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5341"
},
{
"name": "CVE-2017-2399",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2399"
},
{
"name": "CVE-2017-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2389"
},
{
"name": "CVE-2017-2485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2485"
},
{
"name": "CVE-2016-7935",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7935"
},
{
"name": "CVE-2017-2478",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2478"
},
{
"name": "CVE-2017-2467",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2467"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-2435",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2435"
},
{
"name": "CVE-2016-9537",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9537"
},
{
"name": "CVE-2017-2407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2407"
},
{
"name": "CVE-2017-2385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2385"
},
{
"name": "CVE-2017-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2424"
},
{
"name": "CVE-2017-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2436"
},
{
"name": "CVE-2017-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2454"
},
{
"name": "CVE-2016-7984",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7984"
},
{
"name": "CVE-2016-7585",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7585"
},
{
"name": "CVE-2016-9935",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9935"
},
{
"name": "CVE-2016-7931",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7931"
},
{
"name": "CVE-2017-2378",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2378"
},
{
"name": "CVE-2016-7939",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7939"
},
{
"name": "CVE-2017-2377",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2377"
},
{
"name": "CVE-2017-2402",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2402"
},
{
"name": "CVE-2017-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2427"
},
{
"name": "CVE-2017-2473",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2473"
},
{
"name": "CVE-2017-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2398"
},
{
"name": "CVE-2017-2469",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2469"
},
{
"name": "CVE-2016-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3619"
},
{
"name": "CVE-2017-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2459"
},
{
"name": "CVE-2017-2386",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2386"
},
{
"name": "CVE-2017-2401",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2401"
},
{
"name": "CVE-2016-7923",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7923"
},
{
"name": "CVE-2017-2419",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2419"
},
{
"name": "CVE-2017-2474",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2474"
},
{
"name": "CVE-2016-7985",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7985"
},
{
"name": "CVE-2016-9539",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9539"
},
{
"name": "CVE-2017-2409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2409"
},
{
"name": "CVE-2016-7992",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7992"
},
{
"name": "CVE-2017-2380",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2380"
},
{
"name": "CVE-2017-2484",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2484"
},
{
"name": "CVE-2017-2466",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2466"
},
{
"name": "CVE-2017-2393",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2393"
},
{
"name": "CVE-2017-2395",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2395"
},
{
"name": "CVE-2017-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2445"
},
{
"name": "CVE-2016-7929",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7929"
},
{
"name": "CVE-2017-2442",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2442"
},
{
"name": "CVE-2017-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2416"
},
{
"name": "CVE-2017-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2444"
},
{
"name": "CVE-2017-2364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2364"
},
{
"name": "CVE-2017-5342",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5342"
},
{
"name": "CVE-2017-2415",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2415"
},
{
"name": "CVE-2017-2379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2379"
},
{
"name": "CVE-2017-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2457"
},
{
"name": "CVE-2017-2434",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2434"
},
{
"name": "CVE-2017-2382",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2382"
},
{
"name": "CVE-2017-2381",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2381"
},
{
"name": "CVE-2017-2410",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2410"
},
{
"name": "CVE-2016-9586",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9586"
},
{
"name": "CVE-2017-2421",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2421"
},
{
"name": "CVE-2017-5205",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5205"
},
{
"name": "CVE-2016-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7940"
},
{
"name": "CVE-2017-2438",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2438"
},
{
"name": "CVE-2017-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2460"
},
{
"name": "CVE-2017-5482",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5482"
},
{
"name": "CVE-2016-7926",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7926"
},
{
"name": "CVE-2017-2403",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2403"
},
{
"name": "CVE-2017-2461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2461"
},
{
"name": "CVE-2017-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2384"
},
{
"name": "CVE-2017-5486",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5486"
},
{
"name": "CVE-2016-7937",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7937"
},
{
"name": "CVE-2016-7983",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7983"
},
{
"name": "CVE-2016-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1016"
},
{
"name": "CVE-2016-9642",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9642"
},
{
"name": "CVE-2016-7925",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7925"
},
{
"name": "CVE-2017-2405",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2405"
},
{
"name": "CVE-2017-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2417"
},
{
"name": "CVE-2017-2447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2447"
},
{
"name": "CVE-2017-2482",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2482"
},
{
"name": "CVE-2017-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2451"
},
{
"name": "CVE-2017-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2430"
},
{
"name": "CVE-2016-7930",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7930"
},
{
"name": "CVE-2017-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2456"
},
{
"name": "CVE-2016-7056",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
},
{
"name": "CVE-2017-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2432"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-2470",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2470"
},
{
"name": "CVE-2016-9538",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9538"
},
{
"name": "CVE-2017-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2476"
},
{
"name": "CVE-2016-7938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7938"
},
{
"name": "CVE-2017-5202",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5202"
},
{
"name": "CVE-2016-1000",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000"
},
{
"name": "CVE-2017-2433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2433"
},
{
"name": "CVE-2017-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2450"
},
{
"name": "CVE-2017-2480",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2480"
},
{
"name": "CVE-2016-9535",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9535"
},
{
"name": "CVE-2016-7924",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7924"
},
{
"name": "CVE-2017-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2429"
},
{
"name": "CVE-2017-2394",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2394"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-092",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-03-28T00:00:00.000000"
},
{
"description": "ajout des informations li\u00e9es au bulletin de s\u00e9curit\u00e9 HT207607.",
"revision_date": "2017-03-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire,\nun d\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207604 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207604"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207607 du 28 mars 2017",
"url": "https://support.apple.com/en-us/HT207607"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207615 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207615"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207602 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207600 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207595 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207595"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207601 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT207617 du 27 mars 2017",
"url": "https://support.apple.com/en-us/HT207617"
}
]
}
BDU:2016-00811
Vulnerability from fstec - Published: 16.02.2016
VLAI Severity ?
Title
Уязвимость программной платформы Ruby on Rails, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции actionpack/lib/action_dispatch/http/mime_type.rb компонента Action Pack программной платформы Ruby on Rails связана с отсутствием ограничений на использование MIME-кэша. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании (расходование памяти) при помощи специально созданного HTTP-заголовка
Severity ?
Vendor
Rails Core Team
Software Name
Ruby on Rails
Software Version
от 4.0 до 4.1.14.1 (Ruby on Rails), от 4.2 до 4.2.5.1 (Ruby on Rails), от 5.0 до 5.0.0beta1.1 (Ruby on Rails), до 3.2.22 включительно (Ruby on Rails)
Possible Mitigations
Обновление программного средства до версии 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1 или новее
Reference
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ
http://www.openwall.com/lists/oss-security/2016/01/25/9
CWE
CWE-399
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Rails Core Team",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 4.0 \u0434\u043e 4.1.14.1 (Ruby on Rails), \u043e\u0442 4.2 \u0434\u043e 4.2.5.1 (Ruby on Rails), \u043e\u0442 5.0 \u0434\u043e 5.0.0beta1.1 (Ruby on Rails), \u0434\u043e 3.2.22 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Ruby on Rails)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1 \u0438\u043b\u0438 \u043d\u043e\u0432\u0435\u0435",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "16.02.2016",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "31.03.2016",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2016-00811",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2016-0751",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ruby on Rails",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 32-bit, Apple Inc. MacOS X 32-bit, Microsoft Corp Windows - 64-bit, Microsoft Corp Windows - 32-bit, Apple Inc. MacOS X 64-bit, Oracle Corp. Solaris . 64-bit, Oracle Corp. Solaris . 32-bit, Oracle Corp. Solaris . SPARC",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Ruby on Rails, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041e\u0448\u0438\u0431\u043a\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u043c (CWE-399)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 actionpack/lib/action_dispatch/http/mime_type.rb \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 Action Pack \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Ruby on Rails \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 MIME-\u043a\u044d\u0448\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (\u0440\u0430\u0441\u0445\u043e\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438) \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e HTTP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ\nhttp://www.openwall.com/lists/oss-security/2016/01/25/9",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-399",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)"
}
CNVD-2016-00967
Vulnerability from cnvd - Published: 2016-02-16
VLAI Severity ?
Title
Ruby on Rails Action Pack拒绝服务漏洞
Description
Ruby on Rails是Rails核心团队开发维护的一套基于Ruby语言的开源Web应用框架。Action Pack是其中的一个用于构建和测试MVC Web应用程序的组件。
Ruby on Rails Action Pack存在安全漏洞,允许远程攻击者可利用该漏洞提交特殊请求进行拒绝服务攻击。
Severity
中
Patch Name
Ruby on Rails Action Pack拒绝服务漏洞的补丁
Patch Description
Ruby on Rails是Rails核心团队开发维护的一套基于Ruby语言的开源Web应用框架。Action Pack是其中的一个用于构建和测试MVC Web应用程序的组件。
Ruby on Rails Action Pack存在安全漏洞,允许远程攻击者可利用该漏洞提交特殊请求进行拒绝服务攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/
Reference
http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/
Impacted products
| Name | Ruby on Rails Action Pack |
|---|
{
"bids": {
"bid": {
"bidNumber": "81800"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2016-0751"
}
},
"description": "Ruby on Rails\u662fRails\u6838\u5fc3\u56e2\u961f\u5f00\u53d1\u7ef4\u62a4\u7684\u4e00\u5957\u57fa\u4e8eRuby\u8bed\u8a00\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\u3002Action Pack\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u6784\u5efa\u548c\u6d4b\u8bd5MVC Web\u5e94\u7528\u7a0b\u5e8f\u7684\u7ec4\u4ef6\u3002\r\n\r\nRuby on Rails Action Pack\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u8bf7\u6c42\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
"discovererName": "Aaron Patterson",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-00967",
"openTime": "2016-02-16",
"patchDescription": "Ruby on Rails\u662fRails\u6838\u5fc3\u56e2\u961f\u5f00\u53d1\u7ef4\u62a4\u7684\u4e00\u5957\u57fa\u4e8eRuby\u8bed\u8a00\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\u3002Action Pack\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u6784\u5efa\u548c\u6d4b\u8bd5MVC Web\u5e94\u7528\u7a0b\u5e8f\u7684\u7ec4\u4ef6\u3002\r\n\r\nRuby on Rails Action Pack\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u8bf7\u6c42\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Ruby on Rails Action Pack\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Ruby on Rails Action Pack"
},
"referenceLink": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
"serverity": "\u4e2d",
"submitTime": "2016-02-08",
"title": "Ruby on Rails Action Pack\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
FKIE_CVE-2016-0751
Vulnerability from fkie_nvd - Published: 2016-02-16 02:59 - Updated: 2026-05-06 22:30
Severity ?
Summary
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "2E950E33-CD03-45F5-83F9-F106060B4A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "547C62C8-4B3E-431B-AA73-5C42ED884671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4CDAD329-35F7-4C82-8019-A0CF6D069059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "56D3858B-0FEE-4E8D-83C2-68AF0431F478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "254884EE-EBA4-45D0-9704-B5CB22569668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "35FC7015-267C-403B-A23D-EDA6223D2104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5C913A56-959D-44F1-BD89-D246C66D1F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "5D5BA926-38EE-47BE-9D16-FDCF360A503B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "18EA25F1-279A-4F1A-883D-C064369F592E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FD794856-6F30-4ABF-8AE4-720BB75E6F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B4199B8B-A6F9-4BFD-8D27-0E663D8C579D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F11E76A3-FA5B-4038-AB52-3D7D5E54D8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "767C481D-6616-4CA9-9A9B-C994D9121796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D5496953-0C5E-45F8-A7FB-240CEC2CCEB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CA46B621-125E-497F-B2DE-91C989B25936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B3239443-2E19-4540-BA0C-05A27E44CB6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*",
"matchCriteriaId": "104AC9CF-6611-4469-9852-7FDAF4EC7638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9E1864-B1E5-42C3-B4AF-9A002916B66D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "31AC91AA-6A9A-43B4-B3E9-A66A34B6E612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A462C151-982E-4A83-A376-025015F40645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "660C2AD2-CEC8-4391-84AF-27515A88B29E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.0.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "578CC013-776B-4868-B448-B7ACAF3AF832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C310EA3E-399A-48FD-8DE9-6950E328CF23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "293B2998-5169-4960-BEC4-21DAC837E32B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB8D57F-9849-428C-B8E9-D0A1020728BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B0359DA8-6B41-46C5-AA95-41B1B366DD4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0965BDB6-9644-465C-AA32-9278B2D53197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F6B15CF-37C1-4C9B-8457-4A8C9A480188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "072EB16D-1325-4869-B156-65E786A834C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "847B3C3D-8656-404D-A954-09C159EDC8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65CA2D50-B33C-4088-BDDF-EB964C9A092C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CADB5989-5260-4F60-ACF2-BEB6D7F97654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "509597D0-22E1-4BE8-95AD-C54FE4D15FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "539C550D-FEDD-415E-95AE-40E1AE2BAF1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "59C5B869-74FC-4051-A103-A721332B3CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C31EBD2-CD2D-4D38-AA51-A5A56487939A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "33FBD4E4-0BCD-49E1-BA84-86621B7C4556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "83D1EB17-EE67-48E5-B637-AA9A75D397F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B1711A-5541-412C-A5A0-274CEAB9E387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "709A19A5-8FD1-4F9C-A38C-F06242A94D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "8104482C-E8F5-40A7-8B27-234FEF725FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "2CFF8677-EA00-4F7E-BFF9-272482206DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8D7DF5CD-DA28-492D-B5EE-D252ECCC8D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85435026-9855-4BF4-A436-832628B005FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "56C2308F-A590-47B0-9791-7865D189196F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9A266882-DABA-4A4C-88E6-60E993EE0947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83F1142C-3BFB-4B72-A033-81E20DB19D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1FA738A1-227B-4665-B65E-666883FFAE96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6F00718C-A9E8-4E85-8DA6-33BF11F2DCCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "10789A2D-6401-4119-BFBE-2EE4C16216D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "70ABD462-7142-4831-8EB6-801EC1D05573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81D717DB-7C80-48AA-A774-E291D2E75D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06B357FB-0307-4EFA-9C5B-3C2CDEA48584",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E4BD8840-0F1C-49D3-B843-9CFE64948018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5B492-43F9-470F-BD21-6EFD93E78453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F602-D48C-458A-A063-4050BE3BB25F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A1C015-56AD-489C-B301-68CF1DBF1BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FD191625-ACE2-46B6-9AAD-12D682C732C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "02C7DB56-267B-4057-A9BA-36D1E58C6282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "AF8F94CF-D504-4165-A69E-3F1198CB162A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C068362-0D49-4117-BC96-780AA802CE4E",
"versionEndIncluding": "3.2.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "9C8E749B-2908-442A-99F0-91E2772336ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9E43D2D7-89AE-4805-9732-F1C601D8D8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3D8911-060D-435D-ACA2-E29271170CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7A4939-16CF-450D-846A-75B231E32D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C964D4A2-3F39-4CC7-A028-B42C94DDB56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "3B54D9FE-0A38-4053-9F3C-8831E2DD2BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "23FD6D82-9A14-4BD4-AA00-1875F0962ACE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header."
},
{
"lang": "es",
"value": "actionpack/lib/action_dispatch/http/mime_type.rb en Action Pack en Ruby on Rails en versiones anteriores a 3.2.22.1, 4.0.x y 4.1.x en versiones anteriores a 4.1.14.1, 4.2.x en versiones anteriores a 4.2.5.1 y 5.x en versiones anteriores a 5.0.0.beta1.1 no restringe adecuadamente el uso de la cach\u00e9 de tipo MIME, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de una cabecera HTTP Accept manipulada."
}
],
"id": "CVE-2016-0751",
"lastModified": "2026-05-06T22:30:45.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-16T02:59:05.877",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/81800"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1034816"
},
{
"source": "secalert@redhat.com",
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/81800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-FFPV-C4HM-3X6V
Vulnerability from github – Published: 2017-10-24 18:33 – Updated: 2023-07-31 21:08
VLAI?
Summary
actionpack is vulnerable to denial of service via a crafted HTTP Accept header
Details
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Severity ?
7.5 (High)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.2.5.0"
},
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0"
},
{
"fixed": "4.2.5.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 3.2.22.0"
},
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.22.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.1.14.0"
},
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.1.14.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2016-0751"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:34:31Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.",
"id": "GHSA-ffpv-c4hm-3x6v",
"modified": "2023-07-31T21:08:45Z",
"published": "2017-10-24T18:33:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0751"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/127967b735813cd4f263df7a50426d74e7e9cc17"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/221937c8ba1d291430ceddebbd4bdef7d3cb47d6"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/37047b779a177b911c7161052cfc34a30e1db0af"
},
{
"type": "PACKAGE",
"url": "https://github.com/rails/rails"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2016-0751.yml"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20160128201702/http://www.securitytracker.com/id/1034816"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20200227181647/http://www.securityfocus.com/bid/81800"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "actionpack is vulnerable to denial of service via a crafted HTTP Accept header"
}
GSD-2016-0751
Vulnerability from gsd - Updated: 2016-01-25 00:00Details
There is a possible object leak which can lead to a denial of service
vulnerability in Action Pack. This vulnerability has been
assigned the CVE identifier CVE-2016-0751.
Versions Affected: All.
Not affected: None.
Fixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1
Impact
------
A carefully crafted accept header can cause a global cache of mime types to
grow indefinitely which can lead to a possible denial of service attack in
Action Pack.
All users running an affected release should either upgrade or use one of the
workarounds immediately.
Releases
--------
The FIXED releases are available at the normal locations.
Workarounds
-----------
This attack can be mitigated by a proxy that only allows known mime types in
the Accept header.
Placing the following code in an initializer will also mitigate the issue:
```ruby
require 'action_dispatch/http/mime_type'
Mime.const_set :LOOKUP, Hash.new { |h,k|
Mime::Type.new(k) unless k.blank?
}
```
Patches
-------
To aid users who aren't able to upgrade immediately we have provided patches for
the two supported release series. They are in git-am format and consist of a
single changeset.
* 5-0-mime_types_leak.patch - Patch for 5.0 series
* 4-2-mime_types_leak.patch - Patch for 4.2 series
* 4-1-mime_types_leak.patch - Patch for 4.1 series
* 3-2-mime_types_leak.patch - Patch for 3.2 series
Please note that only the 4.1.x and 4.2.x series are supported at present. Users
of earlier unsupported releases are advised to upgrade as soon as possible as we
cannot guarantee the continued availability of security fixes for unsupported
releases.
Credits
-------
Aaron Patterson <3<3
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-0751",
"description": "actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.",
"id": "GSD-2016-0751",
"references": [
"https://www.suse.com/security/cve/CVE-2016-0751.html",
"https://www.debian.org/security/2016/dsa-3464",
"https://access.redhat.com/errata/RHSA-2016:0455",
"https://access.redhat.com/errata/RHSA-2016:0454",
"https://access.redhat.com/errata/RHSA-2016:0296"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "actionpack",
"purl": "pkg:gem/actionpack"
}
}
],
"aliases": [
"CVE-2016-0751",
"GHSA-ffpv-c4hm-3x6v"
],
"details": "There is a possible object leak which can lead to a denial of service\nvulnerability in Action Pack. This vulnerability has been\nassigned the CVE identifier CVE-2016-0751.\n\nVersions Affected: All.\nNot affected: None.\nFixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1\n\nImpact\n------\nA carefully crafted accept header can cause a global cache of mime types to\ngrow indefinitely which can lead to a possible denial of service attack in\nAction Pack.\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\nReleases\n--------\nThe FIXED releases are available at the normal locations.\n\nWorkarounds\n-----------\nThis attack can be mitigated by a proxy that only allows known mime types in\nthe Accept header.\n\nPlacing the following code in an initializer will also mitigate the issue:\n\n```ruby\nrequire \u0027action_dispatch/http/mime_type\u0027\n\nMime.const_set :LOOKUP, Hash.new { |h,k|\n Mime::Type.new(k) unless k.blank?\n}\n```\n\nPatches\n-------\nTo aid users who aren\u0027t able to upgrade immediately we have provided patches for\nthe two supported release series. They are in git-am format and consist of a\nsingle changeset.\n\n* 5-0-mime_types_leak.patch - Patch for 5.0 series\n* 4-2-mime_types_leak.patch - Patch for 4.2 series\n* 4-1-mime_types_leak.patch - Patch for 4.1 series\n* 3-2-mime_types_leak.patch - Patch for 3.2 series\n\nPlease note that only the 4.1.x and 4.2.x series are supported at present. Users\nof earlier unsupported releases are advised to upgrade as soon as possible as we\ncannot guarantee the continued availability of security fixes for unsupported\nreleases.\n\nCredits\n-------\nAaron Patterson \u003c3\u003c3\n",
"id": "GSD-2016-0751",
"modified": "2016-01-25T00:00:00.000Z",
"published": "2016-01-25T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 5.0,
"type": "CVSS_V2"
},
{
"score": 7.5,
"type": "CVSS_V3"
}
],
"summary": "Possible Object Leak and Denial of Service attack in Action Pack"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-0751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:0372",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"name": "openSUSE-SU-2016:0363",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"name": "FEDORA-2016-94e71ee673",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"name": "[ruby-security-ann] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
},
{
"name": "FEDORA-2016-f486068393",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"name": "SUSE-SU-2016:1146",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"name": "81800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81800"
},
{
"name": "1034816",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034816"
},
{
"name": "[oss-security] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
},
{
"name": "DSA-3464",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"name": "RHSA-2016:0296",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2016-0751",
"cvss_v2": 5.0,
"cvss_v3": 7.5,
"date": "2016-01-25",
"description": "There is a possible object leak which can lead to a denial of service\nvulnerability in Action Pack. This vulnerability has been\nassigned the CVE identifier CVE-2016-0751.\n\nVersions Affected: All.\nNot affected: None.\nFixed Versions: 5.0.0.beta1.1, 4.2.5.1, 4.1.14.1, 3.2.22.1\n\nImpact\n------\nA carefully crafted accept header can cause a global cache of mime types to\ngrow indefinitely which can lead to a possible denial of service attack in\nAction Pack.\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\nReleases\n--------\nThe FIXED releases are available at the normal locations.\n\nWorkarounds\n-----------\nThis attack can be mitigated by a proxy that only allows known mime types in\nthe Accept header.\n\nPlacing the following code in an initializer will also mitigate the issue:\n\n```ruby\nrequire \u0027action_dispatch/http/mime_type\u0027\n\nMime.const_set :LOOKUP, Hash.new { |h,k|\n Mime::Type.new(k) unless k.blank?\n}\n```\n\nPatches\n-------\nTo aid users who aren\u0027t able to upgrade immediately we have provided patches for\nthe two supported release series. They are in git-am format and consist of a\nsingle changeset.\n\n* 5-0-mime_types_leak.patch - Patch for 5.0 series\n* 4-2-mime_types_leak.patch - Patch for 4.2 series\n* 4-1-mime_types_leak.patch - Patch for 4.1 series\n* 3-2-mime_types_leak.patch - Patch for 3.2 series\n\nPlease note that only the 4.1.x and 4.2.x series are supported at present. Users\nof earlier unsupported releases are advised to upgrade as soon as possible as we\ncannot guarantee the continued availability of security fixes for unsupported\nreleases.\n\nCredits\n-------\nAaron Patterson \u003c3\u003c3\n",
"framework": "rails",
"gem": "actionpack",
"ghsa": "ffpv-c4hm-3x6v",
"patched_versions": [
"\u003e= 5.0.0.beta1.1",
"~\u003e 4.2.5, \u003e= 4.2.5.1",
"~\u003e 4.1.14, \u003e= 4.1.14.1",
"~\u003e 3.2.22.1"
],
"title": "Possible Object Leak and Denial of Service attack in Action Pack",
"url": "https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=5.0.0.alpha \u003c5.0.0.beta1.1||\u003e=4.2.0.alpha \u003c4.2.5.1||\u003e=4.0.0.alpha \u003c4.1.14.1||\u003c3.2.22.1",
"affected_versions": "All versions starting from 5.0.0.alpha before 5.0.0.beta1.1, all versions starting from 4.2.0.alpha before 4.2.5.1, all versions starting from 4.0.0.alpha before 4.1.14.1, all versions before 3.2.22.1",
"credit": "Aaron Patterson",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-399",
"CWE-937"
],
"date": "2019-08-08",
"description": "A carefully crafted `Accept` header can cause a global cache of mime types to grow indefinitely which can lead to a possible denial of service attack in Action Pack.",
"fixed_versions": [
"3.2.22.1",
"4.1.14.1",
"4.2.5.1",
"5.0.0.beta1.1"
],
"identifier": "CVE-2016-0751",
"identifiers": [
"CVE-2016-0751"
],
"package_slug": "gem/actionpack",
"pubdate": "2016-02-15",
"solution": "Upgrade to latest, apply patches or use workaround. See provided link.",
"title": "Possible Object Leak and Denial of Service attack",
"urls": [
"https://groups.google.com/forum/#!topic/rubyonrails-security/9oLY_FCzvoc"
],
"uuid": "fc808d83-e46e-4d42-9d52-c1d29f8f4dfa"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.10:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.2.22",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.10:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-0751"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[ruby-security-ann] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"refsource": "MLIST",
"tags": [],
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/9oLY_FCzvoc/5CDXbvpYEgAJ"
},
{
"name": "[oss-security] 20160125 [CVE-2016-0751] Possible Object Leak and Denial of Service attack in Action Pack",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/9"
},
{
"name": "81800",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/81800"
},
{
"name": "SUSE-SU-2016:1146",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
},
{
"name": "FEDORA-2016-94e71ee673",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html"
},
{
"name": "RHSA-2016:0296",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html"
},
{
"name": "FEDORA-2016-f486068393",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178067.html"
},
{
"name": "openSUSE-SU-2016:0372",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html"
},
{
"name": "openSUSE-SU-2016:0363",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html"
},
{
"name": "DSA-3464",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2016/dsa-3464"
},
{
"name": "1034816",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1034816"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM"
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-08-08T15:43Z",
"publishedDate": "2016-02-16T02:59Z"
}
}
}
RHSA-2016:0296
Vulnerability from csaf_redhat - Published: 2016-02-24 10:36 - Updated: 2026-03-02 16:08Summary
Red Hat Security Advisory: rh-ror41 security update
Severity
Important
Notes
Topic: Updated rh-ror41-rubygem-actionpack, rh-ror41-rubygem-actionview,
rh-ror41-rubygem-activemodel, and rh-ror41-rubygem-activerecord packages
that fix multiple security issues are now available for Red Hat Software
Collections.
Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details: The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails
is a model-view-controller (MVC) framework for web application development.
The following issue was corrected in rubygem-actionpack and
rubygem-actionview:
A directory traversal flaw was found in the way the Action View component
searched for templates for rendering. If an application passed untrusted
input to the 'render' method, a remote, unauthenticated attacker could use
this to render unexpected files and, possibly, execute arbitrary code.
(CVE-2016-0752)
The following issues were corrected in rubygem-actionpack:
A flaw was found in the way the Action Pack component performed MIME type
lookups. Since queries were cached in a global cache of MIME types, an
attacker could use this flaw to grow the cache indefinitely, potentially
resulting in a denial of service. (CVE-2016-0751)
A flaw was found in the Action Pack component's caching of controller
references. An attacker could use this flaw to cause unbounded memory
growth, potentially resulting in a denial of service. (CVE-2015-7581)
A flaw was found in the way the Action Controller component compared user
names and passwords when performing HTTP basic authentication. Time taken
to compare strings could differ depending on input, possibly allowing a
remote attacker to determine valid user names and passwords using a timing
attack. (CVE-2015-7576)
The following issue was corrected in rubygem-activerecord:
A flaw was found in the Active Record component's handling of nested
attributes in combination with the destroy flag. An attacker could possibly
use this flaw to set attributes to invalid values or clear all attributes.
(CVE-2015-7577)
The following issue was corrected in rubygem-activemodel and
rubygem-activerecord:
A flaw was found in the way the Active Model based models processed
attributes. An attacker with the ability to pass arbitrary attributes to
models could possibly use this flaw to bypass input validation.
(CVE-2016-0753)
Red Hat would like to thank the Ruby on Rails project for reporting these
issues. Upstream acknowledges John Poulin as the original reporter of
CVE-2016-0752, Aaron Patterson of Red Hat as the original reporter of
CVE-2016-0751, Daniel Waterworth as the original reporter of CVE-2015-7576,
Justin Coyne as the original reporter of CVE-2015-7577, and John Backus
from BlockScore as the original reporter of CVE-2016-0753.
All rh-ror41 collection rubygem-actionpack, rubygem-actionview,
rubygem-activemodel, and rubygem-activerecord packages users are advised to
upgrade to these updated packages, which contain backported patches to
correct these issues. All running applications using the rh-ror41
collection must be restarted for this update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the way the Action Controller component compared user names and passwords when performing HTTP basic authentication. Time taken to compare strings could differ depending on input, possibly allowing a remote attacker to determine valid user names and passwords using a timing attack.
4.3 ()
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
A flaw was found in the Active Record component's handling of nested attributes in combination with the destroy flag. An attacker could possibly use this flaw to set attributes to invalid values or clear all attributes.
4.3 ()
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Action Pack component's caching of controller references. An attacker could use this flaw to cause unbounded memory growth, potentially resulting in a denial of service.
4.3 ()
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the way the Action Pack component performed MIME type lookups. Since queries were cached in a global cache of MIME types, an attacker could use this flaw to grow the cache indefinitely, potentially resulting in a denial of service.
4.3 ()
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this flaw to render unexpected files and, possibly, execute arbitrary code.
6.8 ()
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
A flaw was found in the way the Active Model based models processed attributes. An attacker with the ability to pass arbitrary attributes to models could possibly use this flaw to bypass input validation.
4.3 ()
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
42 references
Acknowledgments
the Ruby on Rails project
Daniel Waterworth
Justin Coyne
Red Hat
Aaron Patterson
John Poulin
BlockScore
John Backus
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated rh-ror41-rubygem-actionpack, rh-ror41-rubygem-actionview,\nrh-ror41-rubygem-activemodel, and rh-ror41-rubygem-activerecord packages\nthat fix multiple security issues are now available for Red Hat Software\nCollections.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails\nis a model-view-controller (MVC) framework for web application development.\n\nThe following issue was corrected in rubygem-actionpack and\nrubygem-actionview:\n\nA directory traversal flaw was found in the way the Action View component\nsearched for templates for rendering. If an application passed untrusted\ninput to the \u0027render\u0027 method, a remote, unauthenticated attacker could use\nthis to render unexpected files and, possibly, execute arbitrary code.\n(CVE-2016-0752)\n\nThe following issues were corrected in rubygem-actionpack:\n\nA flaw was found in the way the Action Pack component performed MIME type\nlookups. Since queries were cached in a global cache of MIME types, an\nattacker could use this flaw to grow the cache indefinitely, potentially\nresulting in a denial of service. (CVE-2016-0751)\n\nA flaw was found in the Action Pack component\u0027s caching of controller\nreferences. An attacker could use this flaw to cause unbounded memory\ngrowth, potentially resulting in a denial of service. (CVE-2015-7581)\n\nA flaw was found in the way the Action Controller component compared user\nnames and passwords when performing HTTP basic authentication. Time taken\nto compare strings could differ depending on input, possibly allowing a\nremote attacker to determine valid user names and passwords using a timing\nattack. (CVE-2015-7576)\n\nThe following issue was corrected in rubygem-activerecord:\n\nA flaw was found in the Active Record component\u0027s handling of nested\nattributes in combination with the destroy flag. An attacker could possibly\nuse this flaw to set attributes to invalid values or clear all attributes.\n(CVE-2015-7577)\n\nThe following issue was corrected in rubygem-activemodel and\nrubygem-activerecord:\n\nA flaw was found in the way the Active Model based models processed\nattributes. An attacker with the ability to pass arbitrary attributes to\nmodels could possibly use this flaw to bypass input validation.\n(CVE-2016-0753)\n\nRed Hat would like to thank the Ruby on Rails project for reporting these\nissues. Upstream acknowledges John Poulin as the original reporter of\nCVE-2016-0752, Aaron Patterson of Red Hat as the original reporter of\nCVE-2016-0751, Daniel Waterworth as the original reporter of CVE-2015-7576,\nJustin Coyne as the original reporter of CVE-2015-7577, and John Backus\nfrom BlockScore as the original reporter of CVE-2016-0753.\n\nAll rh-ror41 collection rubygem-actionpack, rubygem-actionview,\nrubygem-activemodel, and rubygem-activerecord packages users are advised to\nupgrade to these updated packages, which contain backported patches to\ncorrect these issues. All running applications using the rh-ror41\ncollection must be restarted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0296",
"url": "https://access.redhat.com/errata/RHSA-2016:0296"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1301933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301933"
},
{
"category": "external",
"summary": "1301946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301946"
},
{
"category": "external",
"summary": "1301957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301957"
},
{
"category": "external",
"summary": "1301963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301963"
},
{
"category": "external",
"summary": "1301973",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301973"
},
{
"category": "external",
"summary": "1301981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301981"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0296.json"
}
],
"title": "Red Hat Security Advisory: rh-ror41 security update",
"tracking": {
"current_release_date": "2026-03-02T16:08:40+00:00",
"generator": {
"date": "2026-03-02T16:08:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.2"
}
},
"id": "RHSA-2016:0296",
"initial_release_date": "2016-02-24T10:36:00+00:00",
"revision_history": [
{
"date": "2016-02-24T10:36:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-02-24T10:36:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-02T16:08:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"product_id": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionview-doc@4.1.5-4.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"product_id": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionview@4.1.5-4.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"product_id": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activemodel@4.1.5-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"product_id": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activemodel-doc@4.1.5-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"product_id": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionpack-doc@4.1.5-3.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"product_id": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionpack@4.1.5-3.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"product_id": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activerecord@4.1.5-2.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"product_id": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activerecord-doc@4.1.5-2.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"product": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"product_id": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activesupport@4.1.5-3.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"product_id": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionview@4.1.5-4.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"product_id": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionview-doc@4.1.5-4.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"product_id": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activemodel-doc@4.1.5-2.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"product_id": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activemodel@4.1.5-2.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"product_id": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionpack-doc@4.1.5-3.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"product_id": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionpack@4.1.5-3.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"product_id": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activerecord@4.1.5-2.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"product_id": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activerecord-doc@4.1.5-2.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"product": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"product_id": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activesupport@4.1.5-3.el6?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"product": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"product_id": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionview@4.1.5-4.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"product": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"product_id": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activemodel@4.1.5-2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"product": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"product_id": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionpack@4.1.5-3.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"product": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"product_id": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activerecord@4.1.5-2.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"product": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"product_id": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activesupport@4.1.5-3.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"product": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"product_id": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionview@4.1.5-4.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"product": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"product_id": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activemodel@4.1.5-2.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"product": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"product_id": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-actionpack@4.1.5-3.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"product": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"product_id": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activerecord@4.1.5-2.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"product": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"product_id": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-ror41-rubygem-activesupport@4.1.5-3.el6?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6)",
"product_id": "6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1)",
"product_id": "7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Server-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src"
},
"product_reference": "rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src"
},
"product_reference": "rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
},
"product_reference": "rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Ruby on Rails project"
]
},
{
"names": [
"Daniel Waterworth"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-7576",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2016-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301933"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Action Controller component compared user names and passwords when performing HTTP basic authentication. Time taken to compare strings could differ depending on input, possibly allowing a remote attacker to determine valid user names and passwords using a timing attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Timing attack vulnerability in basic authentication in Action Controller",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7576"
},
{
"category": "external",
"summary": "RHBZ#1301933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7576",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7576"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7576",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7576"
},
{
"category": "external",
"summary": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
"url": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-02-24T10:36:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0296"
},
{
"category": "workaround",
"details": "Use following code to monkey-patch http_basic_authenticate_with method in ActionController:\n\n~~~\nmodule ActiveSupport\n module SecurityUtils\n def secure_compare(a, b)\n return false unless a.bytesize == b.bytesize\n\n l = a.unpack \"C#{a.bytesize}\"\n\n res = 0\n b.each_byte { |byte| res |= byte ^ l.shift }\n res == 0\n end\n module_function :secure_compare\n\n def variable_size_secure_compare(a, b)\n secure_compare(::Digest::SHA256.hexdigest(a), ::Digest::SHA256.hexdigest(b))\n end\n module_function :variable_size_secure_compare\n end\nend\n\nmodule ActionController\n class Base\n def self.http_basic_authenticate_with(options = {})\n before_action(options.except(:name, :password, :realm)) do\n authenticate_or_request_with_http_basic(options[:realm] || \"Application\") do |name, password|\n # This comparison uses \u0026 so that it doesn\u0027t short circuit and\n # uses `variable_size_secure_compare` so that length information\n # isn\u0027t leaked.\n ActiveSupport::SecurityUtils.variable_size_secure_compare(name, options[:name]) \u0026\n ActiveSupport::SecurityUtils.variable_size_secure_compare(password, options[:password])\n end\n end\n end\n end\nend\n~~~",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: Timing attack vulnerability in basic authentication in Action Controller"
},
{
"acknowledgments": [
{
"names": [
"the Ruby on Rails project"
]
},
{
"names": [
"Justin Coyne"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-7577",
"discovery_date": "2016-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301957"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Active Record component\u0027s handling of nested attributes in combination with the destroy flag. An attacker could possibly use this flaw to set attributes to invalid values or clear all attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: Nested attributes rejection proc bypass in Active Record",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7577"
},
{
"category": "external",
"summary": "RHBZ#1301957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301957"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7577",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7577"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7577",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7577"
},
{
"category": "external",
"summary": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
"url": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!msg/rubyonrails-security/cawsWcQ6c8g/tegZtYdbFQAJ",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/cawsWcQ6c8g/tegZtYdbFQAJ"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-02-24T10:36:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0296"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-activerecord: Nested attributes rejection proc bypass in Active Record"
},
{
"acknowledgments": [
{
"names": [
"the Ruby on Rails project"
]
}
],
"cve": "CVE-2015-7581",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2016-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301981"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Action Pack component\u0027s caching of controller references. An attacker could use this flaw to cause unbounded memory growth, potentially resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Object leak vulnerability for wildcard controller routes in Action Pack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-7581"
},
{
"category": "external",
"summary": "RHBZ#1301981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-7581",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-7581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7581"
},
{
"category": "external",
"summary": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
"url": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!msg/rubyonrails-security/dthJ5wL69JE/YzPnFelbFQAJ",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/dthJ5wL69JE/YzPnFelbFQAJ"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-02-24T10:36:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0296"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: Object leak vulnerability for wildcard controller routes in Action Pack"
},
{
"acknowledgments": [
{
"names": [
"the Ruby on Rails project"
]
},
{
"names": [
"Aaron Patterson"
],
"organization": "Red Hat",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0751",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2016-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Action Pack component performed MIME type lookups. Since queries were cached in a global cache of MIME types, an attacker could use this flaw to grow the cache indefinitely, potentially resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: possible object leak and denial of service attack in Action Pack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0751"
},
{
"category": "external",
"summary": "RHBZ#1301946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0751"
},
{
"category": "external",
"summary": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
"url": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-02-24T10:36:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0296"
},
{
"category": "workaround",
"details": "Use following code to monkey-patch mime types cache and disable caching.\n\n```\nrequire \u0027action_dispatch/http/mime_type\u0027\n\nMime.const_set :LOOKUP, Hash.new { |h,k|\n Mime::Type.new(k) unless k.blank?\n} \n```\n\nAlternatively perform filtering of mime types in the Accept header to allow only known types.",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: possible object leak and denial of service attack in Action Pack"
},
{
"acknowledgments": [
{
"names": [
"the Ruby on Rails project"
]
},
{
"names": [
"John Poulin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0752",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2016-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301963"
}
],
"notes": [
{
"category": "description",
"text": "A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the \u0027render\u0027 method, a remote, unauthenticated attacker could use this flaw to render unexpected files and, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: directory traversal flaw in Action View",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0752"
},
{
"category": "external",
"summary": "RHBZ#1301963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0752",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0752"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ"
},
{
"category": "external",
"summary": "https://nvisium.com/blog/2016/01/26/rails-dynamic-render-to-rce-cve-2016-0752/",
"url": "https://nvisium.com/blog/2016/01/26/rails-dynamic-render-to-rce-cve-2016-0752/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-02-24T10:36:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0296"
},
{
"category": "workaround",
"details": "Avoid passing untrusted input to render method, or verify the input using whitelist before passing it to the render method:\n\n```\n\ndef index\n render verify_template(params[:id])\nend\n\nprivate\ndef verify_template(name)\n # add verification logic particular to your application here\nend\n\n```",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-25T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-actionpack: directory traversal flaw in Action View"
},
{
"acknowledgments": [
{
"names": [
"the Ruby on Rails project"
]
},
{
"names": [
"John Backus"
],
"organization": "BlockScore",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0753",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2016-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301973"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Active Model based models processed attributes. An attacker with the ability to pass arbitrary attributes to models could possibly use this flaw to bypass input validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: possible input validation circumvention in Active Model",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0753"
},
{
"category": "external",
"summary": "RHBZ#1301973",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301973"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0753",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0753"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0753",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0753"
},
{
"category": "external",
"summary": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
"url": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!msg/rubyonrails-security/6jQVC1geukQ/8oYETcxbFQAJ",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/6jQVC1geukQ/8oYETcxbFQAJ"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-02-24T10:36:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0296"
},
{
"category": "workaround",
"details": "Do not allow arbitrary attributes to be passed to models. In Rails with Strong Parameters, make sure to not call permit! method, which bypasses strong parameters protections. Outside of rails, use whitelisting to filter only allowed attributes before passing them to models.",
"product_ids": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.6.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1-6.7.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el6.src",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.noarch",
"6Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el6.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.1.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1-7.2.Z:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Server-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-1:4.1.5-3.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionpack-doc-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-0:4.1.5-4.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-actionview-doc-0:4.1.5-4.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-0:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activemodel-doc-0:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-1:4.1.5-2.el7.src",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activerecord-doc-1:4.1.5-2.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.noarch",
"7Workstation-RHSCL-2.1:rh-ror41-rubygem-activesupport-1:4.1.5-3.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-activerecord: possible input validation circumvention in Active Model"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…