
Gentoo: GLSA 200912-02 Normal: Ruby on Rails SQL Injection and CSRF

gentoo
December 20, 2009
Gentoo Linux Security Advisory GLSA 200912-02 covers several security flaws in Ruby on Rails, with their severity and the recommended fixes.
Multiple vulnerabilities have been discovered in Rails, the worst of which leads to the execution of arbitrary SQL statements.

Summary

Gentoo Linux Security Advisory                           GLSA 200912-02
https://security.gentoo.org/

Severity: Normal
Title: Ruby on Rails: Multiple vulnerabilities
Date: December 20, 2009
Bugs: #200159, #237385, #247549, #276279, #283396, #294797
ID: 200912-02

Synopsis
========

Multiple vulnerabilities have been discovered in Rails, the worst of which leads to the execution of arbitrary SQL statements.

Background
==========

Ruby on Rails is a web-application and persistence framework.

Affected packages
=================

-------------------------------------------------------------------
 Package         /   Vulnerable   /                     Unaffected
-------------------------------------------------------------------
 1  dev-ruby/rails      < 2.2.2                           >= 2.3.5
                                                      *>= 2.2.3-r1

========== The following vulnerabilities we...
