Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-1E7CF4279B2C1EF67B9B9983AFC780C5HistoryMar 19, 2013 - 12:00 a.m.
XML Parsing Vulnerability affecting JRuby users
2013-03-1900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
22
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
EPSS
0.013
Percentile
85.8%
There is a vulnerability in the JDOM backend to ActiveSupportβs XML parser. you should upgrade or use one of the work arounds immediately.
Affected configurations
Node
gemactivesupportRange3.0.0β₯
ORgemactivesupportRange<3.1.12
ORgemactivesupportRange3.2.0β₯
ORgemactivesupportRange<3.2.13
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gem | activesupport | * | cpe:2.3:a:gem:activesupport:*:*:*:*:*:*:*:* |
Related
seebug
seebug
Ruby on Rails XML解ζθΏη¨ζη»ζε‘ζΌζ΄(CVE-2013-1856)
2013-03-20 00:00:00
osv
osv
activesupport Improper Input Validation vulnerability
2017-10-24 18:33:37
nessus
nessus
Fedora 18 : rubygem-activesupport-3.2.8-3.fc18 (2013-4198)
2013-04-01 00:00:00
Fedora 17 : rubygem-activesupport-3.0.11-9.fc17 (2013-4130)
2013-04-01 00:00:00
prion
prion
Design/Logic Flaw
2013-03-19 22:55:00
github
github
activesupport Improper Input Validation vulnerability
2017-10-24 18:33:37
rubygems
rubygems
XML Parsing Vulnerability affecting JRuby users
2013-03-18 20:00:00
ubuntucve
ubuntucve
CVE-2013-1856
2013-03-19 00:00:00
nvd
nvd
CVE-2013-1856
2013-03-19 22:55:01
debiancve
debiancve
CVE-2013-1856
2013-03-19 22:55:01
cve
cve
CVE-2013-1856
2013-03-19 22:55:01
cvelist
cvelist
CVE-2013-1856
2013-03-19 22:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-activesupport-3.2.8-3.fc18
2013-03-30 21:27:44
[SECURITY] Fedora 17 Update: rubygem-activesupport-3.0.11-9.fc17
2013-03-30 21:30:40
openvas
openvas
Fedora Update for rubygem-activesupport FEDORA-2013-4198
2013-04-02 00:00:00
Fedora Update for rubygem-activesupport FEDORA-2013-4198
2013-04-02 00:00:00
Fedora Update for rubygem-activesupport FEDORA-2013-4130
2013-04-02 00:00:00
freebsd
freebsd
rubygem-rails -- multiple vulnerabilities
2013-03-18 00:00:00
threatpost
threatpost
Ruby on Rails Patches DoS, XSS Vulnerabilities
2013-03-19 16:31:57
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
EPSS
0.013
Percentile
85.8%
Related for GITLAB-1E7CF4279B2C1EF67B9B9983AFC780C5