CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17916
https://notcve.org/view.php?id=CVE-2017-17916
SQL injection vulnerability in the 'find_by' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input ** EN DISPUTA** Vulnerabilidad de inyección SQL en el método "find_by" en Ruby on Rails 5.1.4 y anteriores permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante el parámetro "name". NOTA: El fabricante rechaza este problema porque la documentación indica que este método no está destinado a utilizarse con datos de entrada no fiables. • https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17917
https://notcve.org/view.php?id=CVE-2017-17917
SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id' parameter. NOTE: The vendor disputes this issue because the documentation states that this method is not intended for use with untrusted input ** EN DISPUTA ** Vulnerabilidad de inyección SQL en el método "where" en Ruby on Rails 5.1.4 y anteriores permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante el parámetro "id". NOTA: El proveedor defiende que la documentación indica que este método no está diseñado para ser utilizado con datos no confiables. • https://kay-malwarebenchmark.github.io/blog/ruby-on-rails-arbitrary-sql-injection • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 222EXPL: 0CVE-2016-6316 – rubygem-actionview: cross-site scripting flaw in Action View
https://notcve.org/view.php?id=CVE-2016-6316
Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attribute values in tag handlers. Vulnerabilidad de XSS en Action View en Ruby en Rails 3.x en versiones anteriores a 3.2.22.3, 4.x en versiones anteriores a 4.2.7.1 y 5.x en versiones anteriores a 5.0.0.1 podría permitir a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de texto declarado como "HTML safe" y utilizado como valores de atributos en los manejadores de etiquetas. It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting (XSS) attack. • http://rhn.redhat.com/errata/RHSA-2016-1855.html http://rhn.redhat.com/errata/RHSA-2016-1856.html http://rhn.redhat.com/errata/RHSA-2016-1857.html http://rhn.redhat.com/errata/RHSA-2016-1858.html http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released http://www.debian.org/security/2016/dsa-3651 http://www.openwall.com/lists/oss-security/2016/08/11/3 http://www.securityfocus.com/bid/92430 https://group • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 31EXPL: 0CVE-2015-3226
https://notcve.org/view.php?id=CVE-2015-3226
Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active Support in Ruby on Rails 3.x and 4.1.x before 4.1.11 and 4.2.x before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted Hash that is mishandled during JSON encoding. Vulnerabilidad XSS en json/encoding.rb en Active Support en Ruby on Rails en las versiones 3.x, 4.1.x anterior a 4.1.11 y 4.2 anterior a 4.2.2, permite a atacantes remotos inyectar código arbitrario HTML o web script a través de un Hash manipulado que no es manejado correctamente durante la codificación JSON. • http://openwall.com/lists/oss-security/2015/06/16/17 http://www.debian.org/security/2016/dsa-3464 http://www.securityfocus.com/bid/75231 http://www.securitytracker.com/id/1033755 https://groups.google.com/forum/message/raw?msg=rubyonrails-security/7VlB_pck3hU/3QZrGIaQW6cJ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 141EXPL: 1CVE-2014-7829
https://notcve.org/view.php?id=CVE-2014-7829
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via vectors involving a \ (backslash) character, a similar issue to CVE-2014-7818. Una vulnerabilidad de salto de directorio en actionpack/lib/action_dispatch/middleware/static.rb en el Action Pack de Ruby on Rails 3.x anterior a 3.2.21, 4.0.x anterior a 4.0.12, 4.1.x anterior a 4.1.8, y 4.2.x anterior a 4.2.0.beta4, cuando serve_static_assets está activado, permite a atacantes remotos determinar la existencia de ficheros fuera de la aplicación root a través de vectores que implican un carácter \ (barra invertida), un problema similar al CVE-2014-7818. • http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html http://www.securityfocus.com/bid/71183 https://groups.google.com/forum/message/raw?msg=rubyonrails-security/rMTQy4oRCGk/loS_CRS8mNEJ https://puppet.com/security/cve/cve-2014-7829 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •