Download
| Alert*
|
oval:org.secpod.oval:def:1900830
Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application"s unrestricted use of the render method. oval:org.secpod.oval:def:602424 Two vulnerabilities have been discovered in Rails, a web application framework written in Ruby. Both vulnerabilities affect Action Pack, which handles the web requests for Rails. CVE-2016-2097 Crafted requests to Action View, one of the components of Action Pack, might result in rendering files from ... oval:org.secpod.oval:def:110327 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:110319 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:110307 Simple, battle-tested conventions and helpers for building web pages. oval:org.secpod.oval:def:110305 Simple, battle-tested conventions and helpers for building web pages. oval:org.secpod.oval:def:504979 The ror40 collection provides Ruby on Rails version 4.0. Ruby on Rails is a model-view-controller framework for web application development. The following issues were corrected in rubygem-actionpack: Multiple directory traversal flaws were found in the way the Action View component searched for tem ... oval:org.secpod.oval:def:504941 The ruby193 collection provides Ruby version 1.9.3 and Ruby on Rails version 3.2. Ruby on Rails is a model-view-controller framework for web application development. The following issues were corrected in rubygem-actionpack: Multiple directory traversal flaws were found in the way the Action View c ... oval:org.secpod.oval:def:504908 The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails is a model-view-controller framework for web application development. The following issues were corrected in rubygem-actionview: A directory traversal flaw was found in the way the Action View component searched for templates ... |
