CVE-2013-0155

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 08-01-2013 01:00

Last modified: - 08-01-2013 01:00

Total changes: - 8

Description

CVE-2013-0155 rubygem-actionpack, rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:P/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

6.4

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=rubygem-actionpack-1 AND versionEndExcluding=3.0.10-11.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-activerecord-1 AND versionEndExcluding=3.0.10-8.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-activesupport-1 AND versionEndExcluding=3.0.10-5.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-actionpack-1 AND versionEndExcluding=3.0.10-11.el6cf

vendor=rhel_sam AND product=1.1 AND version=

AND

product=rubygem-activerecord-1 AND versionEndExcluding=3.0.10-8.el6cf

vendor=rhel_sam AND product=1.1 AND version=

AND

product=rubygem-activesupport-1 AND versionEndExcluding=3.0.10-5.el6cf

vendor=rhel_sam AND product=1.1 AND version=

AND

product=graphviz-0 AND versionEndExcluding=2.26.0-10.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-console-0 AND versionEndExcluding=0.0.16-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-broker-0 AND versionEndExcluding=1.0.11-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-broker-util-0 AND versionEndExcluding=1.0.15-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-cron-1.4-0 AND versionEndExcluding=1.0.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-diy-0.1-0 AND versionEndExcluding=1.0.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-haproxy-1.4-0 AND versionEndExcluding=1.0.4-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-jbosseap-6.0-0 AND versionEndExcluding=1.0.4-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-jbossews-1.0-0 AND versionEndExcluding=1.0.13-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-jenkins-1.4-0 AND versionEndExcluding=1.0.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-jenkins-client-1.4-0 AND versionEndExcluding=1.0.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-mysql-5.1-0 AND versionEndExcluding=1.0.5-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-perl-5.10-0 AND versionEndExcluding=1.0.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-php-5.3-0 AND versionEndExcluding=1.0.5-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-postgresql-8.4-0 AND versionEndExcluding=1.0.3-2.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-ruby-1.8-0 AND versionEndExcluding=1.0.7-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-ruby-1.9-scl-0 AND versionEndExcluding=1.0.8-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-msg-node-mcollective-0 AND versionEndExcluding=1.0.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=php-0 AND versionEndExcluding=5.3.3-22.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-ruby-0 AND versionEndExcluding=1.9.3.327-25.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-actionpack-1 AND versionEndExcluding=3.2.8-3.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-activemodel-0 AND versionEndExcluding=3.2.8-2.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-activerecord-1 AND versionEndExcluding=3.2.8-3.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-railties-0 AND versionEndExcluding=3.2.8-2.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-ruby_parser-0 AND versionEndExcluding=2.3.1-3.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-actionpack-1 AND versionEndExcluding=3.0.13-4.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-activemodel-0 AND versionEndExcluding=3.0.13-3.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-activerecord-1 AND versionEndExcluding=3.0.13-5.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-bson-0 AND versionEndExcluding=1.8.1-2.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-mongo-0 AND versionEndExcluding=1.8.1-2.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-auth-remote-user-0 AND versionEndExcluding=1.0.5-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-console-0 AND versionEndExcluding=1.0.10-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-controller-0 AND versionEndExcluding=1.0.12-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-node-0 AND versionEndExcluding=1.0.11-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-ruby_parser-0 AND versionEndExcluding=2.0.4-6.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-actionpack AND version=

vendor=cloudforms_tools AND product=1

Reference

Keywords

REDHAT

CVE-2013-0155

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.