Page 4 of 36 results (0.007 seconds)

CVSS: 7.5EPSS: 0%CPEs: 125EXPL: 0

SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting. Vulnerabilidad de inyección SQL en activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb en el adaptador PostgreSQL para Active Record en Ruby on Rails 2.x y 3.x anterior a 3.2.19 permite a atacantes remotos ejecutar comandos SQL arbitrarios mediante el aprovechamiento del citado de bitstrings indebido. It was discovered that Active Record did not properly quote values of the bitstring type attributes when using the PostgreSQL database adapter. A remote attacker could possibly use this flaw to conduct an SQL injection attack against applications using Active Record. • http://openwall.com/lists/oss-security/2014/07/02/5 http://rhn.redhat.com/errata/RHSA-2014-0876.html http://secunia.com/advisories/59973 http://secunia.com/advisories/60214 http://secunia.com/advisories/60763 http://www.debian.org/security/2014/dsa-2982 http://www.securityfocus.com/bid/68343 https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wDxePLJGZdI/WP7EasCJTA4J https://access.redhat.com/security/cve/CVE-2014-3482 https://bugzilla.redhat.com/show_bug • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.3EPSS: 0%CPEs: 186EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper. Múltiples vulnerabilidades de XSS en actionview/lib/action_view/helpers/number_helper.rb en Ruby on Rails anterior a 3.2.17, 4.0.x anterior a 4.0.3 y 4.1.x anterior a 4.1.0.beta2 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a través del parámetro (1) format, (2) negative_format, o (3) units hacia la ayuda de (a) number_to_currency, (b) number_to_percentage, o (c) number_to_human. • http://lists.opensuse.org/opensuse-updates/2014-02/msg00081.html http://openwall.com/lists/oss-security/2014/02/18/8 http://rhn.redhat.com/errata/RHSA-2014-0215.html http://rhn.redhat.com/errata/RHSA-2014-0306.html http://secunia.com/advisories/57376 http://www.securityfocus.com/bid/65647 http://www.securitytracker.com/id/1029782 https://groups.google.com/forum/message/raw?msg=rubyonrails-security/tfp6gZCtzr4/j8LUHmu7fIEJ https://access.redhat.com/security/cve/CVE-2014-0081 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute. Vulnerabilidad de XSS en el ayudante simple_format en actionpack/lib/action_view/helpers/text_helper.rb de Ruby on Rails 4.x anterior a la versión 4.0.2 permite a atacantes remotos inyectar script web o HTML arbitrario a través de un atributo HTML manipulado. • http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released http://www.securityfocus.com/bid/64071 https://groups.google.com/forum/message/raw?msg=ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 108EXPL: 0

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-0155. actoinpack/lib/action_dispatch/http/request.rb en Ruby on Rails anteriores a 3.2.16 y 4.x anteriores a 4.0.2 no considera correctamente las diferencias en la gestión de parámetros entre el componente Active Record y la implementación de JSON, lo cual permite a atacantes remotos sortear restricciones de consultas a la base de datos y ejecutar comprobaciones NULL o provocar falta de cláusulas WHERE a través de una petición manipulada que aprovecha (1) middleware Rack de terceros o (2) middleware Rack propio. NOTA: esta vulnerabilidad existe debido a una corrección incompleta de CVE-2013-0155. • http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html http://rhn.redhat.com/errata/RHSA-2013-1794.html http://rhn.redhat.com/errata/RHSA-2014-0008.html http://rhn.redhat.com/errata/RHSA-2014-0469.html http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_ • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 17%CPEs: 108EXPL: 0

actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a header containing an invalid MIME type that leads to excessive caching. actionpack/lib/action_view/lookup_context.rb en Action View en Ruby on Rails 3.x anteriores a 3.2.16 y 4.x anteriores a 4.0.2 permite a atacantes remotos causar denegación de servicio (consumo de memoria) a través de una cabecera conteniendo un tipo MIME inválido que conduce a un cacheo excesivo. A denial of service flaw was found in the header handling component of Action View. A remote attacker could send strings in specially crafted headers that would be cached indefinitely, which would result in all available system memory eventually being consumed. • http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html http://rhn.redhat.com/errata/RHSA-2013-1794.html http://rhn.redhat.com/errata/RHSA-2014-0008.html http://rhn.redhat.com/errata/RHSA-2014-1863.html http://secunia.com/advisories/57836 http://weblog.rubyonrails.org/2013/12 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •