Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-0448HistoryFeb 21, 2011 - 6:00 p.m.
CVE-2011-0448
2011-02-2118:00:01
Debian Security Bug Tracker
security-tracker.debian.org
14
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.8%
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rails | < 2:6.1.7.3+dfsg-2~deb12u1 | rails_2:6.1.7.3+dfsg-2~deb12u1_all.deb |
| Debian | 11 | all | rails | < 2:6.0.3.7+dfsg-2+deb11u2 | rails_2:6.0.3.7+dfsg-2+deb11u2_all.deb |
| Debian | 999 | all | rails | < 2:6.1.7.3+dfsg-3 | rails_2:6.1.7.3+dfsg-3_all.deb |
| Debian | 13 | all | rails | < 2:6.1.7.3+dfsg-3 | rails_2:6.1.7.3+dfsg-3_all.deb |
Related
cvelist
cvelist
CVE-2011-0448
2011-02-21 00:00:00
github
github
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
ubuntucve
ubuntucve
CVE-2011-0448
2011-02-21 00:00:00
cve
cve
CVE-2011-0448
2011-02-21 18:00:01
nvd
nvd
CVE-2011-0448
2011-02-21 18:00:01
osv
osv
activerecord vulnerable to SQL Injection
2017-10-24 18:33:38
prion
prion
Sql injection
2011-02-21 18:00:00
gitlab
gitlab
openvas
openvas
Ruby on Rails Security Bypass and SQL Injection Vulnerabilities
2011-02-28 00:00:00
Gentoo Security Advisory GLSA 201412-28
2015-09-29 00:00:00
seebug
seebug
Ruby on Rails安全限制绕过和SQL注入漏洞
2011-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: rubygem-activesupport-3.0.5-1.fc15
2011-04-05 21:43:08
[SECURITY] Fedora 15 Update: rubygem-rails-3.0.5-2.fc15
2011-04-05 21:43:09
[SECURITY] Fedora 15 Update: rubygem-actionmailer-3.0.5-1.fc15
2011-04-05 21:43:09
nessus
nessus
Fedora 15 : rubygem-actionmailer-3.0.5-1.fc15 / rubygem-actionpack-3.0.5-1.fc15 / etc (2011-4358)
2011-04-06 00:00:00
openSUSE Security Update : rubygem-actionmailer (openSUSE-SU-2011:1305-1)
2014-06-13 00:00:00
openSUSE Security Update : rubygem-actionmailer (openSUSE-SU-2011:1305-1)
2014-06-13 00:00:00
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.8%
Related for DEBIANCVE:CVE-2011-0448