CVE-2012-6685

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 06-06-2012 02:00

Last modified: - 06-06-2012 02:00

Total changes: - 10

Description

CVE-2012-6685 rubygem-nokogiri: XML eXternal Entity (XXE) flaw

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:P/I:N/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

None

Integrity

-

Privileges required

-

Scope

-

User interaction

5.0

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=ansible-runner-0 AND versionEndExcluding=1.1.2-2.el7ar

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ansible-tower-0 AND versionEndExcluding=3.3.3-1.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=bubblewrap-0 AND versionEndExcluding=0.1.7-1.el7

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=cfme-0 AND versionEndExcluding=5.10.0.33-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=cfme-amazon-smartstate-0 AND versionEndExcluding=5.10.0.33-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=cfme-appliance-0 AND versionEndExcluding=5.10.0.33-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=cfme-gemset-0 AND versionEndExcluding=5.10.0.33-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=dbus-api-service-0 AND versionEndExcluding=1.0.1-5.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=dumb-init-0 AND versionEndExcluding=1.2.0-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=erlang-0 AND versionEndExcluding=19.3.6.7-1.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=google-compute-engine-0 AND versionEndExcluding=2.0.0-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=google-config-0 AND versionEndExcluding=2.0.0-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=httpd-configmap-generator-0 AND versionEndExcluding=0.2.2-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=nginx-1 AND versionEndExcluding=1.10.2-1.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-cluster-upgrade-0 AND versionEndExcluding=1.1.8-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-disaster-recovery-0 AND versionEndExcluding=1.1.2-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-engine-setup-0 AND versionEndExcluding=1.1.5-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-image-template-0 AND versionEndExcluding=1.1.8-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-infra-0 AND versionEndExcluding=1.1.8-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-manageiq-0 AND versionEndExcluding=1.1.12-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-repositories-0 AND versionEndExcluding=1.1.2-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-roles-0 AND versionEndExcluding=1.1.5-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-shutdown-env-0 AND versionEndExcluding=1.0.0-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-v2v-conversion-host-0 AND versionEndExcluding=1.6.3-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ovirt-ansible-vm-infra-0 AND versionEndExcluding=1.1.10-1.el7ev

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=postgresql96-0 AND versionEndExcluding=9.6.10-1PGDG.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=prince-0 AND versionEndExcluding=9.0r2-10.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=pyOpenSSL-0 AND versionEndExcluding=17.3.0-4.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-bambou-0 AND versionEndExcluding=3.0.1-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-colorama-0 AND versionEndExcluding=0.3.7-2.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-crypto-0 AND versionEndExcluding=2.6.1-16.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-daemon-0 AND versionEndExcluding=2.1.2-7.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-funcsigs-0 AND versionEndExcluding=1.0.2-1.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-future-0 AND versionEndExcluding=0.16.0-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-lockfile-1 AND versionEndExcluding=0.11.0-10.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-meld3-0 AND versionEndExcluding=0.6.10-1.el7

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-mock-0 AND versionEndExcluding=2.0.0-1.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-pbr-0 AND versionEndExcluding=3.1.1-2.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-pexpect-0 AND versionEndExcluding=4.6-1.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-psutil-0 AND versionEndExcluding=5.4.3-2.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-ptyprocess-0 AND versionEndExcluding=0.5.2-3.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-pylxca-0 AND versionEndExcluding=2.1.1-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-pysocks-0 AND versionEndExcluding=1.5.6-3.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-requests-0 AND versionEndExcluding=2.14.2-1.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-requests-toolbelt-0 AND versionEndExcluding=0.8.0-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-tabulate-0 AND versionEndExcluding=0.8.2-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-urllib3-0 AND versionEndExcluding=1.21.1-1.2.el7ost

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=python-vspk-0 AND versionEndExcluding=5.3.2-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=qpid-proton-0 AND versionEndExcluding=0.19.0-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rabbitmq-server-0 AND versionEndExcluding=3.7.4-1.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rh-postgresql95-postgresql-pglogical-0 AND versionEndExcluding=2.1.0-4.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rh-postgresql95-repmgr-0 AND versionEndExcluding=4.0.6-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ruby-0 AND versionEndExcluding=2.4.5-90.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-bcrypt-0 AND versionEndExcluding=3.1.12-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-ffi-0 AND versionEndExcluding=1.9.25-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-hamlit-0 AND versionEndExcluding=2.8.8-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-http_parser.rb-0 AND versionEndExcluding=0.6.0-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-json-0 AND versionEndExcluding=2.1.0-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-linux_block_device-0 AND versionEndExcluding=0.2.1-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-memory_buffer-0 AND versionEndExcluding=0.1.0-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-nio4r-0 AND versionEndExcluding=2.3.1-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-nokogiri-0 AND versionEndExcluding=1.8.2-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-ovirt-engine-sdk4-0 AND versionEndExcluding=4.2.4-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-pg-0 AND versionEndExcluding=0.18.4-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-puma-0 AND versionEndExcluding=3.7.1-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-qpid_proton-0 AND versionEndExcluding=0.22.0-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-redhat_access_cfme-0 AND versionEndExcluding=2.0.3-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-redhat_access_lib-0 AND versionEndExcluding=1.1.4-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-rugged-0 AND versionEndExcluding=0.27.4-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-sqlite3-0 AND versionEndExcluding=1.3.13-2.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-unf_ext-0 AND versionEndExcluding=0.0.7.5-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=rubygem-websocket-driver-0 AND versionEndExcluding=0.6.5-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=smem-0 AND versionEndExcluding=1.4-1.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=supervisor-0 AND versionEndExcluding=3.1.4-1.el7

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=wmi-0 AND versionEndExcluding=1.3.14-7.el7cf

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=wxGTK3-0 AND versionEndExcluding=3.0.3-5.el7at

vendor=Red Hat Enterprise Linux AND product=cloudforms_managementengine AND version=5.10

AND

product=ruby193-rubygem-nokogiri AND version=

vendor=Red Hat Enterprise Linux AND product=openstack-installer AND version=5

AND

product=ruby193-rubygem-nokogiri AND version=

vendor=Red Hat Enterprise Linux AND product=openstack-installer AND version=6

AND

product=rubygem-nokogiri AND version=

vendor=Red Hat Enterprise Linux AND product=enterprise_mrg AND version=2

AND

product=ruby193-rubygem-nokogiri AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2

AND

product=rubygem-nokogiri AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=2

AND

product=ruby193-rubygem-nokogiri AND version=

vendor=Red Hat Enterprise Linux AND product=openstack AND version=4

AND

product=ruby193-rubygem-nokogiri AND version=

vendor=Red Hat Enterprise Linux AND product=satellite AND version=6

AND

product=ruby193-rubygem-nokogiri AND version=

vendor=rhel_sam AND product=1

AND

product=rubygem-nokogiri AND version=

vendor=rhel_sam AND product=1

Reference

Keywords

REDHAT

CVE-2012-6685

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.