Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2013-1854
Beschreibung:The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method.
Test Kennungen: Nicht verfügbar
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2013-1854
http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
https://groups.google.com/group/ruby-security-ann/msg/34e0d780b04308de?dmode=source&output=gplain
RedHat Security Advisories: RHSA-2013:0699
http://rhn.redhat.com/errata/RHSA-2013-0699.html
RedHat Security Advisories: RHSA-2014:1863
http://rhn.redhat.com/errata/RHSA-2014-1863.html
SuSE Security Announcement: openSUSE-SU-2013:0659 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-04/msg00070.html
SuSE Security Announcement: openSUSE-SU-2013:0660 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-04/msg00071.html
SuSE Security Announcement: openSUSE-SU-2013:0664 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-04/msg00075.html
SuSE Security Announcement: openSUSE-SU-2013:0667 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-04/msg00078.html
SuSE Security Announcement: openSUSE-SU-2013:0668 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-04/msg00079.html




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.