Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.1 update
🔗 CVE IDs covered (15)
📋 Description
CVE-2012-2660 — rubygem-actionpack: Unsafe query generation CVE-2012-2661 — rubygem-activerecord: SQL injection when processing nested query paramaters CVE-2012-2694 — rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660) CVE-2012-2695 — rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) CVE-2012-3424 — rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest CVE-2012-3463 — rubygem-actionpack: potential XSS vulnerability in select_tag prompt CVE-2012-3464 — rubygem-actionpack: potential XSS vulnerability CVE-2012-3465 — rubygem-actionpack: XSS Vulnerability in strip_tags CVE-2012-4464 — 1.9.3: Possibility to bypass Ruby's $SAFE (level 4) semantics CVE-2012-4466 — ruby: safe level bypass via name_err_mesg_to_str() CVE-2012-4522 — ruby: unintentional file creation caused by inserting an illegal NUL character CVE-2012-5371 — ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001) CVE-2013-0155 — rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails CVE-2013-0162 — rubygem-ruby_parser: incorrect temporary file usage CVE-2013-0276 — rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected
🔗 References (30)
- selfhttps://access.redhat.com/errata/RHSA-2013:0582
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://access.redhat.com/knowledge/docs/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=827353
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=827363
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=831573
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=831581
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=843711
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=847196
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=847199
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=847200
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=862598
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=862614
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=865940
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=875236
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=887353
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=889426
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=892806
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=892866
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=895347
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=895355
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=902412
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=902630
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=903526
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=903546
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=905021
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=905656
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=906227
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=906845
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0582.json