RHSA-2013:0582Medium

Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.1 update

Published
February 28, 2013
Last Modified
June 27, 2026

🔗 CVE IDs covered (15)

📋 Description

CVE-2012-2660 — rubygem-actionpack: Unsafe query generation CVE-2012-2661 — rubygem-activerecord: SQL injection when processing nested query paramaters CVE-2012-2694 — rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660) CVE-2012-2695 — rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) CVE-2012-3424 — rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest CVE-2012-3463 — rubygem-actionpack: potential XSS vulnerability in select_tag prompt CVE-2012-3464 — rubygem-actionpack: potential XSS vulnerability CVE-2012-3465 — rubygem-actionpack: XSS Vulnerability in strip_tags CVE-2012-4464 — 1.9.3: Possibility to bypass Ruby's $SAFE (level 4) semantics CVE-2012-4466 — ruby: safe level bypass via name_err_mesg_to_str() CVE-2012-4522 — ruby: unintentional file creation caused by inserting an illegal NUL character CVE-2012-5371 — ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001) CVE-2013-0155 — rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails CVE-2013-0162 — rubygem-ruby_parser: incorrect temporary file usage CVE-2013-0276 — rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected

🔗 References (30)