Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2012-2694 (GCVE-0-2012-2694)
Vulnerability from cvelistv5 – Published: 2012-06-22 14:00 – Updated: 2024-08-06 19:42
VLAI
EPSS
Summary
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-updates/2012-0… | vendor-advisoryx_refsource_SUSE |
| https://groups.google.com/group/rubyonrails-secur… | mailing-listx_refsource_MLIST |
| http://rhn.redhat.com/errata/RHSA-2013-0154.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2012-06-12 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:42:31.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2012:1015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"name": "SUSE-SU-2012:1012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"name": "openSUSE-SU-2012:0978",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"name": "SUSE-SU-2012:1014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"name": "openSUSE-SU-2012:1066",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"name": "[rubyonrails-security] 20120612 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2694)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
},
{
"name": "RHSA-2013:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-07T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SUSE-SU-2012:1015",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"name": "SUSE-SU-2012:1012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"name": "openSUSE-SU-2012:0978",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"name": "SUSE-SU-2012:1014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"name": "openSUSE-SU-2012:1066",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"name": "[rubyonrails-security] 20120612 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2694)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
},
{
"name": "RHSA-2013:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2012:1015",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"name": "SUSE-SU-2012:1012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"name": "openSUSE-SU-2012:0978",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"name": "SUSE-SU-2012:1014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"name": "openSUSE-SU-2012:1066",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"name": "[rubyonrails-security] 20120612 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2694)",
"refsource": "MLIST",
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
},
{
"name": "RHSA-2013:0154",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2694",
"datePublished": "2012-06-22T14:00:00.000Z",
"dateReserved": "2012-05-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T19:42:31.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2012-2694",
"date": "2026-05-29",
"epss": "0.0022",
"percentile": "0.44664"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2012-2694\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-06-22T14:55:01.097\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \\\"[\u0027xyz\u0027, nil]\\\" values, a related issue to CVE-2012-2660.\"},{\"lang\":\"es\",\"value\":\"actionpack/lib/action_dispatch/http/request.rb en Ruby on Rails antes de la version v3.0.14, en la v3.1.x antes de v3.1.6 y v3.2.x antes de v 3.2.6 no considera adecuadamente las diferencias en el manejo de par\u00e1metros entre el componente Active Record y la interfaz Rack, lo que permite a atacantes remotos evitar las restricciones de consulta de bases de datos y realizar comprobaciones de nulos a trav\u00e9s de solicitudes hechas a mano, por ejemplo con los valores \\\"[\u0027xyz\u0027, nil]\\\". Es un problema relacionado con el CVE-2012-2660.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3BE7DFE-BA20-434B-A1DE-AD038B255C60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCEE5B21-C990-4705-8239-0D7B29DAEDA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"65EE33B1-B079-4CDE-B9C2-F1613A4610DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAAA20B-824F-4448-99DC-9712FE628073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2BEBDFB-0F30-454A-B74C-F820C9D2708B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D7CD8C1-95D1-477E-AD96-6582EC33BA01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6F00D98-3D0F-40AF-AE4F-090B1E6B660C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9476CE55-69C0-45D3-B723-6F459C90BF05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*\",\"matchCriteriaId\":\"486F5BA6-BCF7-4691-9754-19D364B4438D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"112FC73B-A8BC-4EEA-9F4B-CCE685EF2838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4498383-6FCA-4E17-A1FD-B0CE7EE50F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26565B1-2BA6-4A3C-9264-7FC9A1820B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"644EF85E-6D3E-4F5C-96B0-49AD2A2D90CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"392E2D58-CB39-4832-B4D9-9C2E23B8E14C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F2466EA-7039-46A1-B4A3-8DACD1953A59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CAB4E72-0A15-4B26-9B69-074C278568D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A085E105-9375-440A-80CB-9B23E6D7EB4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25911E48-C5D7-4ED8-B4DB-7523A74CCF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE6EC1E5-3A4A-4751-9F77-28EF5AF681E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29674E3-CC80-446B-9A43-82594AE7A058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF34D8CB-2B6D-4CB8-A206-108293BCFFE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E5187F6-E3AC-4E0D-B1D0-83DE76C20A4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"272268EE-E3E8-4683-B679-55D748877A7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B69FD33-61FE-4F10-BBE1-215F59035D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08D7CB5D-82EF-4A24-A792-938FAB40863D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A044B21-47D5-468D-AF4A-06B3B5CC0824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2196F3D0-532A-40F9-843A-1DFBC8B63FDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBEDA932-6CB5-438C-94E4-824732A91BE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"903E5524-5E45-48CE-A804-EDAEBE3A79AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08534AF2-F94E-4FB6-A572-4FB9827276D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E3B4A6-1346-4358-B7BC-84D00ED3ABBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B52D7A6B-DD93-45F0-9186-18ABEFF28DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F07C641-48DF-43BE-9EB5-72B337C54846\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1CB1B12-99F5-430F-AE19-9A95C17FA123\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1A7C449-8F9A-4CE5-9C3D-375996BFAEE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05D5D58C-DB79-41EA-81AE-5D95C48211B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE331D6D-99BA-4369-AD8B-B556DEE4955F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"05108EF0-81AD-4378-9843-5C23F2AC79A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.13\",\"matchCriteriaId\":\"8F046DC2-971A-46E6-A61B-AD39B954D634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"224BD488-0D7E-4F8B-9012-DE872DEB544C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB51F3E9-4899-49A9-9E7B-0DCA92A91DD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F884F2F4-94F3-46CB-860B-1BCC0EEF408A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"88DFBB48-1C29-4639-9369-F5B413CA2337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D37696D7-BEE6-4587-9E33-A7FE24780409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E95B5D44-0C8D-47BC-A89D-48A5BDEB84F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DFDAF6A-76AA-436F-A4F3-DA69892DE2B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3172982-3FA4-427F-BE3E-2321D804E49D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD6EC85B-F092-48FF-966A-96B9227C8656\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"9000F3C1-57A0-474C-9C82-E58688F29838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E55E42E-AB6A-4E47-AC69-DFDAEB0A8735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A42F4E7A-6F6A-485C-8D30-95F3B0285922\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"30B9C0CB-F6E6-4233-84E4-D6E69104DD73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"84309CC7-A8B7-4ADB-AEA1-964DA5F7B0E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5343241F-274D-45FF-97C7-2BC2E920BAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FED122B8-AF4C-4C48-B1E5-54F4A7A31A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"157ACCAD-0FB8-4CC9-9DFB-70835DE6506C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E50ACF6-7277-4C9A-B42A-E7EFDC317691\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C191DC2B-1EC3-48E0-A586-867E6EE4431C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA51263-6680-42C6-B119-8241D6F76206\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4BC41E8-FEDA-4C31-B479-D49A59FC4D63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09C20971-53B5-43B0-AC45-5AA0FDF1B054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1AEFA5D-A793-4BAB-8DED-3D3A31260AD8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2816C02C-E13E-4367-91F3-14756A90EC9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E82AF7C7-B725-40EF-8EE3-18F8E7FAEB29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AE674DE-65DB-437E-A034-A2EE5C584B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0524F3E3-BAD7-4CD3-A6E7-74CFBE4B46E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32EB2C3F-0F24-43DB-988E-BD2973598F71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB32713D-FE64-445E-872E-B4678C243AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C55E6B4A-2B9C-46C8-A739-109EA4BA7FD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"89C618DC-38BC-4484-8C41-BC38B7EB636B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE1EF01A-F358-45D3-ADA2-51DD1D8CB6E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC2616BD-A4E8-42F3-BB5A-7517DC4EDA3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E376782-98B0-4766-B6FC-67E032A00C62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96D08DC1-14E9-4DB9-BC95-3F73B454FBC4\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0154.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0154.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]}]}}"
}
}
FKIE_CVE-2012-2694
Vulnerability from fkie_nvd - Published: 2012-06-22 14:55 - Updated: 2026-04-29 01:13
Severity
Summary
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BE7DFE-BA20-434B-A1DE-AD038B255C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "DCEE5B21-C990-4705-8239-0D7B29DAEDA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "65EE33B1-B079-4CDE-B9C2-F1613A4610DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5CAAA20B-824F-4448-99DC-9712FE628073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "D2BEBDFB-0F30-454A-B74C-F820C9D2708B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "1D7CD8C1-95D1-477E-AD96-6582EC33BA01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B6F00D98-3D0F-40AF-AE4F-090B1E6B660C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9476CE55-69C0-45D3-B723-6F459C90BF05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*",
"matchCriteriaId": "486F5BA6-BCF7-4691-9754-19D364B4438D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "112FC73B-A8BC-4EEA-9F4B-CCE685EF2838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*",
"matchCriteriaId": "E4498383-6FCA-4E17-A1FD-B0CE7EE50F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D26565B1-2BA6-4A3C-9264-7FC9A1820B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "644EF85E-6D3E-4F5C-96B0-49AD2A2D90CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "392E2D58-CB39-4832-B4D9-9C2E23B8E14C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1F2466EA-7039-46A1-B4A3-8DACD1953A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CAB4E72-0A15-4B26-9B69-074C278568D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A085E105-9375-440A-80CB-9B23E6D7EB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "25911E48-C5D7-4ED8-B4DB-7523A74CCF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6EC1E5-3A4A-4751-9F77-28EF5AF681E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B29674E3-CC80-446B-9A43-82594AE7A058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FF34D8CB-2B6D-4CB8-A206-108293BCFFE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5187F6-E3AC-4E0D-B1D0-83DE76C20A4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "272268EE-E3E8-4683-B679-55D748877A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7B69FD33-61FE-4F10-BBE1-215F59035D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "08D7CB5D-82EF-4A24-A792-938FAB40863D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8A044B21-47D5-468D-AF4A-06B3B5CC0824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2196F3D0-532A-40F9-843A-1DFBC8B63FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CBEDA932-6CB5-438C-94E4-824732A91BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "903E5524-5E45-48CE-A804-EDAEBE3A79AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "08534AF2-F94E-4FB6-A572-4FB9827276D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "29E3B4A6-1346-4358-B7BC-84D00ED3ABBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B52D7A6B-DD93-45F0-9186-18ABEFF28DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1F07C641-48DF-43BE-9EB5-72B337C54846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A1CB1B12-99F5-430F-AE19-9A95C17FA123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A7C449-8F9A-4CE5-9C3D-375996BFAEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "05D5D58C-DB79-41EA-81AE-5D95C48211B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FE331D6D-99BA-4369-AD8B-B556DEE4955F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "05108EF0-81AD-4378-9843-5C23F2AC79A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F046DC2-971A-46E6-A61B-AD39B954D634",
"versionEndIncluding": "3.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "224BD488-0D7E-4F8B-9012-DE872DEB544C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51F3E9-4899-49A9-9E7B-0DCA92A91DD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "F884F2F4-94F3-46CB-860B-1BCC0EEF408A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "88DFBB48-1C29-4639-9369-F5B413CA2337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D37696D7-BEE6-4587-9E33-A7FE24780409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E95B5D44-0C8D-47BC-A89D-48A5BDEB84F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1DFDAF6A-76AA-436F-A4F3-DA69892DE2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "D3172982-3FA4-427F-BE3E-2321D804E49D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "FD6EC85B-F092-48FF-966A-96B9227C8656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "9000F3C1-57A0-474C-9C82-E58688F29838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*",
"matchCriteriaId": "6E55E42E-AB6A-4E47-AC69-DFDAEB0A8735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A42F4E7A-6F6A-485C-8D30-95F3B0285922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "30B9C0CB-F6E6-4233-84E4-D6E69104DD73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "84309CC7-A8B7-4ADB-AEA1-964DA5F7B0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "5343241F-274D-45FF-97C7-2BC2E920BAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FED122B8-AF4C-4C48-B1E5-54F4A7A31A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "157ACCAD-0FB8-4CC9-9DFB-70835DE6506C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3E50ACF6-7277-4C9A-B42A-E7EFDC317691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C191DC2B-1EC3-48E0-A586-867E6EE4431C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA51263-6680-42C6-B119-8241D6F76206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B4BC41E8-FEDA-4C31-B479-D49A59FC4D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "09C20971-53B5-43B0-AC45-5AA0FDF1B054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1AEFA5D-A793-4BAB-8DED-3D3A31260AD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2816C02C-E13E-4367-91F3-14756A90EC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E82AF7C7-B725-40EF-8EE3-18F8E7FAEB29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1AE674DE-65DB-437E-A034-A2EE5C584B33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0524F3E3-BAD7-4CD3-A6E7-74CFBE4B46E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "32EB2C3F-0F24-43DB-988E-BD2973598F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EB32713D-FE64-445E-872E-B4678C243AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E6B4A-2B9C-46C8-A739-109EA4BA7FD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "89C618DC-38BC-4484-8C41-BC38B7EB636B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FE1EF01A-F358-45D3-ADA2-51DD1D8CB6E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2616BD-A4E8-42F3-BB5A-7517DC4EDA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0E376782-98B0-4766-B6FC-67E032A00C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "96D08DC1-14E9-4DB9-BC95-3F73B454FBC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660."
},
{
"lang": "es",
"value": "actionpack/lib/action_dispatch/http/request.rb en Ruby on Rails antes de la version v3.0.14, en la v3.1.x antes de v3.1.6 y v3.2.x antes de v 3.2.6 no considera adecuadamente las diferencias en el manejo de par\u00e1metros entre el componente Active Record y la interfaz Rack, lo que permite a atacantes remotos evitar las restricciones de consulta de bases de datos y realizar comprobaciones de nulos a trav\u00e9s de solicitudes hechas a mano, por ejemplo con los valores \"[\u0027xyz\u0027, nil]\". Es un problema relacionado con el CVE-2012-2660."
}
],
"id": "CVE-2012-2694",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-22T14:55:01.097",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-Q34C-48GC-M9G8
Vulnerability from github – Published: 2017-10-24 18:33 – Updated: 2025-01-20 16:29
VLAI
Summary
actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request
Details
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain ['xyz', nil] values, a related issue to CVE-2012-2660.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.13"
},
{
"fixed": "3.0.14"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "3.1.0"
},
{
"fixed": "3.1.6"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "3.2.0"
},
{
"fixed": "3.2.6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2012-2694"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T21:50:37Z",
"nvd_published_at": "2012-06-22T14:55:01Z",
"severity": "MODERATE"
},
"details": "`actionpack/lib/action_dispatch/http/request.rb` in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain `[\u0027xyz\u0027, nil]` values, a related issue to CVE-2012-2660.",
"id": "GHSA-q34c-48gc-m9g8",
"modified": "2025-01-20T16:29:10Z",
"published": "2017-10-24T18:33:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2694"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/2f3bc0467311781ac1ceb2c8c2b09002c8fe143a"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/c202638225519b5e1a03ebe523b109c948fb0e52"
},
{
"type": "PACKAGE",
"url": "https://github.com/rails/rails"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2694.yml"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/rubyonrails-security/c/jILZ34tAHF4/m/7x0hLH-o0-IJ"
},
{
"type": "WEB",
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request"
}
GSD-2012-2694
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2012-2694",
"description": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660.",
"id": "GSD-2012-2694",
"references": [
"https://www.suse.com/security/cve/CVE-2012-2694.html",
"https://access.redhat.com/errata/RHSA-2013:0582",
"https://access.redhat.com/errata/RHSA-2013:0154",
"https://access.redhat.com/errata/RHSA-2012:1542"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2012-2694"
],
"details": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660.",
"id": "GSD-2012-2694",
"modified": "2023-12-13T01:20:15.633148Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2012:1015",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"name": "SUSE-SU-2012:1012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"name": "openSUSE-SU-2012:0978",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"name": "SUSE-SU-2012:1014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"name": "openSUSE-SU-2012:1066",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"name": "[rubyonrails-security] 20120612 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2694)",
"refsource": "MLIST",
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
},
{
"name": "RHSA-2013:0154",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c3.0.14||\u003e=3.1.0 \u003c3.1.6||\u003e=3.2.0 \u003c3.2.6",
"affected_versions": "All versions before 3.0.14, all versions starting from 3.1.0 before 3.1.6, all versions starting from 3.2.0 before 3.2.6",
"cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-264",
"CWE-937"
],
"date": "2021-09-16",
"description": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660.",
"fixed_versions": [
"3.0.14",
"3.1.6",
"3.2.6"
],
"identifier": "CVE-2012-2694",
"identifiers": [
"GHSA-q34c-48gc-m9g8",
"CVE-2012-2694"
],
"not_impacted": "All versions starting from 3.0.14 before 3.1.0, all versions starting from 3.1.6 before 3.2.0, all versions starting from 3.2.6",
"package_slug": "gem/actionpack",
"pubdate": "2017-10-24",
"solution": "Upgrade to versions 3.0.14, 3.1.6, 3.2.6 or above.",
"title": "Moderate severity vulnerability that affects actionpack",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2012-2694",
"https://github.com/advisories/GHSA-q34c-48gc-m9g8",
"https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain",
"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html",
"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html",
"http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html",
"http://rhn.redhat.com/errata/RHSA-2013-0154.html"
],
"uuid": "9c59916d-0261-4c93-b457-70bc7c21bb28"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.0.13",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2694"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[rubyonrails-security] 20120612 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2694)",
"refsource": "MLIST",
"tags": [
"Exploit"
],
"url": "https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source\u0026output=gplain"
},
{
"name": "SUSE-SU-2012:1015",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html"
},
{
"name": "openSUSE-SU-2012:0978",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html"
},
{
"name": "SUSE-SU-2012:1014",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html"
},
{
"name": "SUSE-SU-2012:1012",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html"
},
{
"name": "openSUSE-SU-2012:1066",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html"
},
{
"name": "RHSA-2013:0154",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2019-08-08T15:42Z",
"publishedDate": "2012-06-22T14:55Z"
}
}
}
RHSA-2012:1542
Vulnerability from csaf_redhat - Published: 2012-12-04 19:24 - Updated: 2026-02-27 11:00Summary
Red Hat Security Advisory: CloudForms Commons 1.1 security update
Severity
Moderate
Notes
Topic: Updated CloudForms Commons packages that fix several security issues are
now available.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: Red Hat CloudForms is an on-premise hybrid cloud
Infrastructure-as-a-Service (IaaS) product that lets you create and manage
private and public clouds.
Multiple input validation vulnerabilities were discovered in
rubygem-activerecored. A remote attacker could possibly use these flaws
to perform an SQL injection attack against an application using
rubygem-activerecord. (CVE-2012-2660, CVE-2012-2661, CVE-2012-2694,
CVE-2012-2695)
Multiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.
A remote attacker could use these flaws to conduct XSS attacks against
users of an application using rubygem-actionpack. (CVE-2012-3463,
CVE-2012-3464, CVE-2012-3465)
A flaw was found in the HTTP digest authentication implementation in
rubygem-actionpack. A remote attacker could use this flaw to cause a
denial of service of an application using rubygem-actionpack and digest
authentication. (CVE-2012-3424)
An input validation flaw was found in rubygem-mail's Exim and Sendmail
delivery methods. A remote attacker could use this flaw to execute
arbitrary commands with the privileges of an application using
rubygem-mail. (CVE-2012-2140)
A directory traversal flaw was found in rubygem-mail's file delivery
method. A remote attacker could use this flaw to send a mail with a
specially crafted To: header and write to files with the privileges of
an application using rubygem-mail. (CVE-2012-2139)
Puppet was updated to version 2.6.17, which fixes multiple security
issues. These issues are not exposed by CloudForms. (CVE-2012-1986,
CVE-2012-1987, CVE-2012-1988, CVE-2012-3864, CVE-2012-3865, CVE-2012-3867)
Red Hat would like to thank Puppet Labs for reporting CVE-2012-1988,
CVE-2012-1986, CVE-2012-1987, CVE-2012-3864, CVE-2012-3865, and
CVE-2012-3867.
Users are advised to upgrade to these CloudForms Commons packages, which
resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlink attack in conjunction with a crafted REST request for a file in a filebucket.
3.6 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or (2) cause a denial of service (filesystem consumption) via crafted REST requests that use "a marshaled form of a Puppet::FileBucket::File object" to write to arbitrary file locations.
3.5 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.
4.6 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.
5.0 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
7.5 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2694.
4.0 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.
4.3 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.
4.0 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
4.3 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.
4.3 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.
4.3 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character.
4.3 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.
4.3 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.
2.1 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.
2.1 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.
4.0 ()
Affected products
Fixed
56 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
88 references
Acknowledgments
Puppet Labs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated CloudForms Commons packages that fix several security issues are\nnow available.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CloudForms is an on-premise hybrid cloud\nInfrastructure-as-a-Service (IaaS) product that lets you create and manage\nprivate and public clouds.\n\nMultiple input validation vulnerabilities were discovered in\nrubygem-activerecored. A remote attacker could possibly use these flaws\nto perform an SQL injection attack against an application using\nrubygem-activerecord. (CVE-2012-2660, CVE-2012-2661, CVE-2012-2694,\nCVE-2012-2695)\n\nMultiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.\nA remote attacker could use these flaws to conduct XSS attacks against\nusers of an application using rubygem-actionpack. (CVE-2012-3463,\nCVE-2012-3464, CVE-2012-3465)\n\nA flaw was found in the HTTP digest authentication implementation in\nrubygem-actionpack. A remote attacker could use this flaw to cause a\ndenial of service of an application using rubygem-actionpack and digest\nauthentication. (CVE-2012-3424)\n\nAn input validation flaw was found in rubygem-mail\u0027s Exim and Sendmail\ndelivery methods. A remote attacker could use this flaw to execute\narbitrary commands with the privileges of an application using\nrubygem-mail. (CVE-2012-2140)\n\nA directory traversal flaw was found in rubygem-mail\u0027s file delivery\nmethod. A remote attacker could use this flaw to send a mail with a\nspecially crafted To: header and write to files with the privileges of\nan application using rubygem-mail. (CVE-2012-2139)\n\nPuppet was updated to version 2.6.17, which fixes multiple security\nissues. These issues are not exposed by CloudForms. (CVE-2012-1986,\nCVE-2012-1987, CVE-2012-1988, CVE-2012-3864, CVE-2012-3865, CVE-2012-3867)\n\nRed Hat would like to thank Puppet Labs for reporting CVE-2012-1988,\nCVE-2012-1986, CVE-2012-1987, CVE-2012-3864, CVE-2012-3865, and\nCVE-2012-3867.\n\nUsers are advised to upgrade to these CloudForms Commons packages, which\nresolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2012:1542",
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "810069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810069"
},
{
"category": "external",
"summary": "810070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810070"
},
{
"category": "external",
"summary": "810071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810071"
},
{
"category": "external",
"summary": "816352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=816352"
},
{
"category": "external",
"summary": "827353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827353"
},
{
"category": "external",
"summary": "827363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827363"
},
{
"category": "external",
"summary": "831573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831573"
},
{
"category": "external",
"summary": "831581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831581"
},
{
"category": "external",
"summary": "839130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130"
},
{
"category": "external",
"summary": "839131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839131"
},
{
"category": "external",
"summary": "839158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839158"
},
{
"category": "external",
"summary": "843711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843711"
},
{
"category": "external",
"summary": "847196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847196"
},
{
"category": "external",
"summary": "847199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847199"
},
{
"category": "external",
"summary": "847200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847200"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1542.json"
}
],
"title": "Red Hat Security Advisory: CloudForms Commons 1.1 security update",
"tracking": {
"current_release_date": "2026-02-27T11:00:27+00:00",
"generator": {
"date": "2026-02-27T11:00:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2012:1542",
"initial_release_date": "2012-12-04T19:24:00+00:00",
"revision_history": [
{
"date": "2012-12-04T19:24:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2012-12-04T19:29:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-27T11:00:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms Cloud Engine for RHEL 6 Server",
"product": {
"name": "CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_cloudengine:1::el6"
}
}
},
{
"category": "product_name",
"name": "CloudForms System Engine for RHEL 6 Server",
"product": {
"name": "CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine",
"product_identification_helper": {
"cpe": "cpe:/a:cloudforms_systemengine:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "puppet-server-0:2.6.17-2.el6cf.noarch",
"product": {
"name": "puppet-server-0:2.6.17-2.el6cf.noarch",
"product_id": "puppet-server-0:2.6.17-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet-server@2.6.17-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "puppet-0:2.6.17-2.el6cf.noarch",
"product": {
"name": "puppet-0:2.6.17-2.el6cf.noarch",
"product_id": "puppet-0:2.6.17-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet@2.6.17-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"product": {
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"product_id": "rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@3.0.10-4.el6cf?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"product": {
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"product_id": "rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@3.0.10-10.el6cf?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-mail-0:2.3.0-3.el6cf.noarch",
"product": {
"name": "rubygem-mail-0:2.3.0-3.el6cf.noarch",
"product_id": "rubygem-mail-0:2.3.0-3.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-mail@2.3.0-3.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"product": {
"name": "rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"product_id": "rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-mail-doc@2.3.0-3.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"product": {
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"product_id": "rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-chunky_png@1.2.0-3.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-compass-0:0.11.5-2.el6cf.noarch",
"product": {
"name": "rubygem-compass-0:0.11.5-2.el6cf.noarch",
"product_id": "rubygem-compass-0:0.11.5-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-compass@0.11.5-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"product": {
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"product_id": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-compass-960-plugin@0.10.4-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"product": {
"name": "rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"product_id": "rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-compass-960-plugin-doc@0.10.4-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"product": {
"name": "rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"product_id": "rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-delayed_job-doc@2.1.4-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"product": {
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"product_id": "rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-delayed_job@2.1.4-2.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"product": {
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"product_id": "rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-net-ldap@0.1.1-3.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"product": {
"name": "converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"product_id": "converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/converge-ui-devel@1.0.4-1.el6cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"product": {
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"product_id": "rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@3.0.10-6.el6cf?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"product": {
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"product_id": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ldap_fluff@0.1.3-1.el6_3?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "puppet-0:2.6.17-2.el6cf.src",
"product": {
"name": "puppet-0:2.6.17-2.el6cf.src",
"product_id": "puppet-0:2.6.17-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/puppet@2.6.17-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.src",
"product": {
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.src",
"product_id": "rubygem-activesupport-1:3.0.10-4.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@3.0.10-4.el6cf?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.src",
"product": {
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.src",
"product_id": "rubygem-actionpack-1:3.0.10-10.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@3.0.10-10.el6cf?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-mail-0:2.3.0-3.el6cf.src",
"product": {
"name": "rubygem-mail-0:2.3.0-3.el6cf.src",
"product_id": "rubygem-mail-0:2.3.0-3.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-mail@2.3.0-3.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"product": {
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"product_id": "rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-chunky_png@1.2.0-3.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-compass-0:0.11.5-2.el6cf.src",
"product": {
"name": "rubygem-compass-0:0.11.5-2.el6cf.src",
"product_id": "rubygem-compass-0:0.11.5-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-compass@0.11.5-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"product": {
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"product_id": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-compass-960-plugin@0.10.4-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"product": {
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"product_id": "rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-delayed_job@2.1.4-2.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"product": {
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"product_id": "rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-net-ldap@0.1.1-3.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "converge-ui-devel-0:1.0.4-1.el6cf.src",
"product": {
"name": "converge-ui-devel-0:1.0.4-1.el6cf.src",
"product_id": "converge-ui-devel-0:1.0.4-1.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/converge-ui-devel@1.0.4-1.el6cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.src",
"product": {
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.src",
"product_id": "rubygem-activerecord-1:3.0.10-6.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@3.0.10-6.el6cf?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"product": {
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"product_id": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ldap_fluff@0.1.3-1.el6_3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "converge-ui-devel-0:1.0.4-1.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch"
},
"product_reference": "converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "converge-ui-devel-0:1.0.4-1.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src"
},
"product_reference": "converge-ui-devel-0:1.0.4-1.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-0:2.6.17-2.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch"
},
"product_reference": "puppet-0:2.6.17-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-0:2.6.17-2.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src"
},
"product_reference": "puppet-0:2.6.17-2.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-server-0:2.6.17-2.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch"
},
"product_reference": "puppet-server-0:2.6.17-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch"
},
"product_reference": "rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src"
},
"product_reference": "rubygem-actionpack-1:3.0.10-10.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch"
},
"product_reference": "rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src"
},
"product_reference": "rubygem-activerecord-1:3.0.10-6.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch"
},
"product_reference": "rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src"
},
"product_reference": "rubygem-activesupport-1:3.0.10-4.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch"
},
"product_reference": "rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src"
},
"product_reference": "rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-0:0.11.5-2.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch"
},
"product_reference": "rubygem-compass-0:0.11.5-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-0:0.11.5-2.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src"
},
"product_reference": "rubygem-compass-0:0.11.5-2.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch"
},
"product_reference": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src"
},
"product_reference": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch"
},
"product_reference": "rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch"
},
"product_reference": "rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src"
},
"product_reference": "rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch"
},
"product_reference": "rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch"
},
"product_reference": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src"
},
"product_reference": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mail-0:2.3.0-3.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch"
},
"product_reference": "rubygem-mail-0:2.3.0-3.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mail-0:2.3.0-3.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src"
},
"product_reference": "rubygem-mail-0:2.3.0-3.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mail-doc-0:2.3.0-3.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch"
},
"product_reference": "rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch"
},
"product_reference": "rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server",
"product_id": "6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
},
"product_reference": "rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"relates_to_product_reference": "6Server-CloudEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "converge-ui-devel-0:1.0.4-1.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch"
},
"product_reference": "converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "converge-ui-devel-0:1.0.4-1.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src"
},
"product_reference": "converge-ui-devel-0:1.0.4-1.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-0:2.6.17-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch"
},
"product_reference": "puppet-0:2.6.17-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-0:2.6.17-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src"
},
"product_reference": "puppet-0:2.6.17-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "puppet-server-0:2.6.17-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch"
},
"product_reference": "puppet-server-0:2.6.17-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch"
},
"product_reference": "rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.10-10.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src"
},
"product_reference": "rubygem-actionpack-1:3.0.10-10.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch"
},
"product_reference": "rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.10-6.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src"
},
"product_reference": "rubygem-activerecord-1:3.0.10-6.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch"
},
"product_reference": "rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-1:3.0.10-4.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src"
},
"product_reference": "rubygem-activesupport-1:3.0.10-4.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch"
},
"product_reference": "rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-chunky_png-0:1.2.0-3.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src"
},
"product_reference": "rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-0:0.11.5-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch"
},
"product_reference": "rubygem-compass-0:0.11.5-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-0:0.11.5-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src"
},
"product_reference": "rubygem-compass-0:0.11.5-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch"
},
"product_reference": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src"
},
"product_reference": "rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch"
},
"product_reference": "rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch"
},
"product_reference": "rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-delayed_job-0:2.1.4-2.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src"
},
"product_reference": "rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch"
},
"product_reference": "rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch"
},
"product_reference": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src"
},
"product_reference": "rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mail-0:2.3.0-3.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch"
},
"product_reference": "rubygem-mail-0:2.3.0-3.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mail-0:2.3.0-3.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src"
},
"product_reference": "rubygem-mail-0:2.3.0-3.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mail-doc-0:2.3.0-3.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch"
},
"product_reference": "rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch"
},
"product_reference": "rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"relates_to_product_reference": "6Server-SystemEngine"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-net-ldap-0:0.1.1-3.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server",
"product_id": "6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
},
"product_reference": "rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"relates_to_product_reference": "6Server-SystemEngine"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Puppet Labs"
]
}
],
"cve": "CVE-2012-1986",
"discovery_date": "2012-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "810069"
}
],
"notes": [
{
"category": "description",
"text": "Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlink attack in conjunction with a crafted REST request for a file in a filebucket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "puppet: Filebucket arbitrary file read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-1986"
},
{
"category": "external",
"summary": "RHBZ#810069",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810069"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-1986",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1986"
},
{
"category": "external",
"summary": "http://puppetlabs.com/security/cve/cve-2012-1986/",
"url": "http://puppetlabs.com/security/cve/cve-2012-1986/"
}
],
"release_date": "2012-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "puppet: Filebucket arbitrary file read"
},
{
"acknowledgments": [
{
"names": [
"Puppet Labs"
]
}
],
"cve": "CVE-2012-1987",
"discovery_date": "2012-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "810070"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or (2) cause a denial of service (filesystem consumption) via crafted REST requests that use \"a marshaled form of a Puppet::FileBucket::File object\" to write to arbitrary file locations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "puppet: Filebucket denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-1987"
},
{
"category": "external",
"summary": "RHBZ#810070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-1987",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1987"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1987",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1987"
},
{
"category": "external",
"summary": "http://puppetlabs.com/security/cve/cve-2012-1987/",
"url": "http://puppetlabs.com/security/cve/cve-2012-1987/"
}
],
"release_date": "2012-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "puppet: Filebucket denial of service"
},
{
"acknowledgments": [
{
"names": [
"Puppet Labs"
]
}
],
"cve": "CVE-2012-1988",
"discovery_date": "2012-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "810071"
}
],
"notes": [
{
"category": "description",
"text": "Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "puppet: Filebucket arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-1988"
},
{
"category": "external",
"summary": "RHBZ#810071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=810071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-1988",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1988"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1988",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1988"
},
{
"category": "external",
"summary": "http://puppetlabs.com/security/cve/cve-2012-1988/",
"url": "http://puppetlabs.com/security/cve/cve-2012-1988/"
}
],
"release_date": "2012-04-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "puppet: Filebucket arbitrary code execution"
},
{
"cve": "CVE-2012-2139",
"discovery_date": "2012-04-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "891762"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-mail: directory traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2139"
},
{
"category": "external",
"summary": "RHBZ#891762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2139"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2139",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2139"
}
],
"release_date": "2012-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-mail: directory traversal"
},
{
"cve": "CVE-2012-2140",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2012-04-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "816352"
}
],
"notes": [
{
"category": "description",
"text": "The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-mail: arbitrary command execution when using exim or sendmail from commandline",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2140"
},
{
"category": "external",
"summary": "RHBZ#816352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=816352"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2140",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2140"
}
],
"release_date": "2012-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-mail: arbitrary command execution when using exim or sendmail from commandline"
},
{
"cve": "CVE-2012-2660",
"discovery_date": "2012-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "827353"
}
],
"notes": [
{
"category": "description",
"text": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2694.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Unsafe query generation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2660"
},
{
"category": "external",
"summary": "RHBZ#827353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2660"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2660",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2660"
}
],
"release_date": "2012-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: Unsafe query generation"
},
{
"cve": "CVE-2012-2661",
"discovery_date": "2012-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "827363"
}
],
"notes": [
{
"category": "description",
"text": "The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: SQL injection when processing nested query paramaters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2661"
},
{
"category": "external",
"summary": "RHBZ#827363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2661",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2661"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2661",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2661"
}
],
"release_date": "2012-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-activerecord: SQL injection when processing nested query paramaters"
},
{
"cve": "CVE-2012-2694",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2012-06-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "831581"
}
],
"notes": [
{
"category": "description",
"text": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2694"
},
{
"category": "external",
"summary": "RHBZ#831581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831581"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2694"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2694",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2694"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)"
},
{
"cve": "CVE-2012-2695",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2012-06-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "831573"
}
],
"notes": [
{
"category": "description",
"text": "The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2695"
},
{
"category": "external",
"summary": "RHBZ#831573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2695"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)"
},
{
"cve": "CVE-2012-3424",
"discovery_date": "2012-07-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "843711"
}
],
"notes": [
{
"category": "description",
"text": "The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3424"
},
{
"category": "external",
"summary": "RHBZ#843711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3424",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3424"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3424",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3424"
}
],
"release_date": "2012-07-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest"
},
{
"cve": "CVE-2012-3463",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847196"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: potential XSS vulnerability in select_tag prompt",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3463"
},
{
"category": "external",
"summary": "RHBZ#847196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847196"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3463",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3463"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: potential XSS vulnerability in select_tag prompt"
},
{
"cve": "CVE-2012-3464",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847199"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a \u0027 (quote) character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: potential XSS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3464"
},
{
"category": "external",
"summary": "RHBZ#847199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3464",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3464"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: potential XSS vulnerability"
},
{
"cve": "CVE-2012-3465",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847200"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: XSS Vulnerability in strip_tags",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3465"
},
{
"category": "external",
"summary": "RHBZ#847200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3465",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3465"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: XSS Vulnerability in strip_tags"
},
{
"acknowledgments": [
{
"names": [
"Puppet Labs"
]
}
],
"cve": "CVE-2012-3864",
"discovery_date": "2012-07-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "839130"
}
],
"notes": [
{
"category": "description",
"text": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user\u0027s certificate and private key in a GET request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "puppet: authenticated clients allowed to read arbitrary files from the puppet master",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3864"
},
{
"category": "external",
"summary": "RHBZ#839130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3864",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3864"
},
{
"category": "external",
"summary": "http://puppetlabs.com/security/cve/cve-2012-3864/",
"url": "http://puppetlabs.com/security/cve/cve-2012-3864/"
}
],
"release_date": "2012-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "puppet: authenticated clients allowed to read arbitrary files from the puppet master"
},
{
"acknowledgments": [
{
"names": [
"Puppet Labs"
]
}
],
"cve": "CVE-2012-3865",
"discovery_date": "2012-07-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "839131"
}
],
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "puppet: authenticated clients allowed to delete arbitrary files on the puppet master",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3865"
},
{
"category": "external",
"summary": "RHBZ#839131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3865",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3865"
},
{
"category": "external",
"summary": "http://puppetlabs.com/security/cve/cve-2012-3865/",
"url": "http://puppetlabs.com/security/cve/cve-2012-3865/"
}
],
"release_date": "2012-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "puppet: authenticated clients allowed to delete arbitrary files on the puppet master"
},
{
"acknowledgments": [
{
"names": [
"Puppet Labs"
]
}
],
"cve": "CVE-2012-3867",
"discovery_date": "2012-07-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "839158"
}
],
"notes": [
{
"category": "description",
"text": "lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "puppet: insufficient validation of agent names in CN of SSL certificate requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3867"
},
{
"category": "external",
"summary": "RHBZ#839158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=839158"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3867",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3867"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3867",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3867"
},
{
"category": "external",
"summary": "http://puppetlabs.com/security/cve/cve-2012-3867/",
"url": "http://puppetlabs.com/security/cve/cve-2012-3867/"
}
],
"release_date": "2012-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-12-04T19:24:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1542"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-CloudEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-CloudEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-CloudEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-CloudEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-CloudEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-CloudEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-CloudEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-CloudEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-CloudEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.noarch",
"6Server-SystemEngine:converge-ui-devel-0:1.0.4-1.el6cf.src",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:puppet-0:2.6.17-2.el6cf.src",
"6Server-SystemEngine:puppet-server-0:2.6.17-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.noarch",
"6Server-SystemEngine:rubygem-actionpack-1:3.0.10-10.el6cf.src",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.noarch",
"6Server-SystemEngine:rubygem-activerecord-1:3.0.10-6.el6cf.src",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.noarch",
"6Server-SystemEngine:rubygem-activesupport-1:3.0.10-4.el6cf.src",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-chunky_png-0:1.2.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-0:0.11.5-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-compass-960-plugin-0:0.10.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-compass-960-plugin-doc-0:0.10.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-delayed_job-0:2.1.4-2.el6cf.src",
"6Server-SystemEngine:rubygem-delayed_job-doc-0:2.1.4-2.el6cf.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.noarch",
"6Server-SystemEngine:rubygem-ldap_fluff-0:0.1.3-1.el6_3.src",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-mail-0:2.3.0-3.el6cf.src",
"6Server-SystemEngine:rubygem-mail-doc-0:2.3.0-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.noarch",
"6Server-SystemEngine:rubygem-net-ldap-0:0.1.1-3.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "puppet: insufficient validation of agent names in CN of SSL certificate requests"
}
]
}
RHSA-2013:0154
Vulnerability from csaf_redhat - Published: 2013-01-10 20:39 - Updated: 2026-03-27 09:17Summary
Red Hat Security Advisory: Ruby on Rails security update
Severity
Critical
Notes
Topic: Updated rubygem-actionpack, rubygem-activesupport, and rubygem-activerecord
packages that fix multiple security issues are now available for Red Hat
Subscription Asset Manager.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: Ruby on Rails is a model–view–controller (MVC) framework for web
application development. Action Pack implements the controller and the view
components. Active Record implements object-relational mapping for
accessing database entries using objects. Active Support provides support
and utility classes used by the Ruby on Rails framework.
Multiple flaws were found in the way Ruby on Rails performed XML parameter
parsing in HTTP requests. A remote attacker could use these flaws to
execute arbitrary code with the privileges of a Ruby on Rails application,
perform SQL injection attacks, or bypass the authentication using a
specially-created HTTP request. (CVE-2013-0156)
Red Hat is aware that a public exploit for the CVE-2013-0156 issues is
available that allows remote code execution in applications using Ruby on
Rails.
Multiple input validation vulnerabilities were discovered in
rubygem-activerecord. A remote attacker could possibly use these flaws to
perform an SQL injection attack against an application using
rubygem-activerecord. (CVE-2012-2661, CVE-2012-2695, CVE-2012-6496,
CVE-2013-0155)
Multiple input validation vulnerabilities were discovered in
rubygem-actionpack. A remote attacker could possibly use these flaws to
perform an SQL injection attack against an application using
rubygem-actionpack and rubygem-activerecord. (CVE-2012-2660, CVE-2012-2694)
Multiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.
A remote attacker could use these flaws to conduct XSS attacks against
users of an application using rubygem-actionpack. (CVE-2012-3463,
CVE-2012-3464, CVE-2012-3465)
A flaw was found in the HTTP digest authentication implementation in
rubygem-actionpack. A remote attacker could use this flaw to cause a
denial of service of an application using rubygem-actionpack and digest
authentication. (CVE-2012-3424)
Users are advised to upgrade to these updated rubygem-actionpack,
rubygem-activesupport, and rubygem-activerecord packages, which resolve
these issues. Katello must be restarted ("service katello restart") for
this update to take effect.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2694.
4.0 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.
4.3 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.
4.0 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
4.3 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.
4.3 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Low
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.
4.3 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character.
4.3 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.
4.3 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.
6.4 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660 and CVE-2012-2694.
6.4 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Important
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.
7.5 ()
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src | — |
Vendor Fix
fix
|
Threats
Impact
Critical
References
60 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated rubygem-actionpack, rubygem-activesupport, and rubygem-activerecord\npackages that fix multiple security issues are now available for Red Hat\nSubscription Asset Manager.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Ruby on Rails is a model\u2013view\u2013controller (MVC) framework for web\napplication development. Action Pack implements the controller and the view\ncomponents. Active Record implements object-relational mapping for\naccessing database entries using objects. Active Support provides support\nand utility classes used by the Ruby on Rails framework.\n\nMultiple flaws were found in the way Ruby on Rails performed XML parameter\nparsing in HTTP requests. A remote attacker could use these flaws to\nexecute arbitrary code with the privileges of a Ruby on Rails application,\nperform SQL injection attacks, or bypass the authentication using a\nspecially-created HTTP request. (CVE-2013-0156)\n\nRed Hat is aware that a public exploit for the CVE-2013-0156 issues is\navailable that allows remote code execution in applications using Ruby on\nRails.\n\nMultiple input validation vulnerabilities were discovered in\nrubygem-activerecord. A remote attacker could possibly use these flaws to\nperform an SQL injection attack against an application using\nrubygem-activerecord. (CVE-2012-2661, CVE-2012-2695, CVE-2012-6496,\nCVE-2013-0155)\n\nMultiple input validation vulnerabilities were discovered in\nrubygem-actionpack. A remote attacker could possibly use these flaws to\nperform an SQL injection attack against an application using\nrubygem-actionpack and rubygem-activerecord. (CVE-2012-2660, CVE-2012-2694)\n\nMultiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.\nA remote attacker could use these flaws to conduct XSS attacks against\nusers of an application using rubygem-actionpack. (CVE-2012-3463,\nCVE-2012-3464, CVE-2012-3465)\n\nA flaw was found in the HTTP digest authentication implementation in\nrubygem-actionpack. A remote attacker could use this flaw to cause a\ndenial of service of an application using rubygem-actionpack and digest\nauthentication. (CVE-2012-3424)\n\nUsers are advised to upgrade to these updated rubygem-actionpack,\nrubygem-activesupport, and rubygem-activerecord packages, which resolve\nthese issues. Katello must be restarted (\"service katello restart\") for\nthis update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:0154",
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "https://access.redhat.com/knowledge/solutions/290903",
"url": "https://access.redhat.com/knowledge/solutions/290903"
},
{
"category": "external",
"summary": "827353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827353"
},
{
"category": "external",
"summary": "827363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827363"
},
{
"category": "external",
"summary": "831573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831573"
},
{
"category": "external",
"summary": "831581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831581"
},
{
"category": "external",
"summary": "843711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843711"
},
{
"category": "external",
"summary": "847196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847196"
},
{
"category": "external",
"summary": "847199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847199"
},
{
"category": "external",
"summary": "847200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847200"
},
{
"category": "external",
"summary": "889649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=889649"
},
{
"category": "external",
"summary": "892866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892866"
},
{
"category": "external",
"summary": "892870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892870"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0154.json"
}
],
"title": "Red Hat Security Advisory: Ruby on Rails security update",
"tracking": {
"current_release_date": "2026-03-27T09:17:08+00:00",
"generator": {
"date": "2026-03-27T09:17:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2013:0154",
"initial_release_date": "2013-01-10T20:39:00+00:00",
"revision_history": [
{
"date": "2013-01-10T20:39:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-01-10T20:38:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T09:17:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Subscription Asset Manager for RHEL 6 Server",
"product": {
"name": "Red Hat Subscription Asset Manager for RHEL 6 Server",
"product_id": "6Server-SubscriptionAssetManager11",
"product_identification_helper": {
"cpe": "cpe:/a:rhel_sam:1.1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Subscription Asset Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"product": {
"name": "rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"product_id": "rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@3.0.10-5.el6cf?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"product": {
"name": "rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"product_id": "rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@3.0.10-8.el6cf?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"product": {
"name": "rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"product_id": "rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@3.0.10-11.el6cf?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-activesupport-1:3.0.10-5.el6cf.src",
"product": {
"name": "rubygem-activesupport-1:3.0.10-5.el6cf.src",
"product_id": "rubygem-activesupport-1:3.0.10-5.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@3.0.10-5.el6cf?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-1:3.0.10-8.el6cf.src",
"product": {
"name": "rubygem-activerecord-1:3.0.10-8.el6cf.src",
"product_id": "rubygem-activerecord-1:3.0.10-8.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@3.0.10-8.el6cf?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-1:3.0.10-11.el6cf.src",
"product": {
"name": "rubygem-actionpack-1:3.0.10-11.el6cf.src",
"product_id": "rubygem-actionpack-1:3.0.10-11.el6cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@3.0.10-11.el6cf?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.10-11.el6cf.noarch as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
"product_id": "6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch"
},
"product_reference": "rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"relates_to_product_reference": "6Server-SubscriptionAssetManager11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.10-11.el6cf.src as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
"product_id": "6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src"
},
"product_reference": "rubygem-actionpack-1:3.0.10-11.el6cf.src",
"relates_to_product_reference": "6Server-SubscriptionAssetManager11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.10-8.el6cf.noarch as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
"product_id": "6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch"
},
"product_reference": "rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"relates_to_product_reference": "6Server-SubscriptionAssetManager11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.10-8.el6cf.src as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
"product_id": "6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src"
},
"product_reference": "rubygem-activerecord-1:3.0.10-8.el6cf.src",
"relates_to_product_reference": "6Server-SubscriptionAssetManager11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-1:3.0.10-5.el6cf.noarch as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
"product_id": "6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch"
},
"product_reference": "rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"relates_to_product_reference": "6Server-SubscriptionAssetManager11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-1:3.0.10-5.el6cf.src as a component of Red Hat Subscription Asset Manager for RHEL 6 Server",
"product_id": "6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
},
"product_reference": "rubygem-activesupport-1:3.0.10-5.el6cf.src",
"relates_to_product_reference": "6Server-SubscriptionAssetManager11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-2660",
"discovery_date": "2012-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "827353"
}
],
"notes": [
{
"category": "description",
"text": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2694.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Unsafe query generation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2660"
},
{
"category": "external",
"summary": "RHBZ#827353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2660"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2660",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2660"
}
],
"release_date": "2012-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: Unsafe query generation"
},
{
"cve": "CVE-2012-2661",
"discovery_date": "2012-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "827363"
}
],
"notes": [
{
"category": "description",
"text": "The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: SQL injection when processing nested query paramaters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2661"
},
{
"category": "external",
"summary": "RHBZ#827363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2661",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2661"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2661",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2661"
}
],
"release_date": "2012-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-activerecord: SQL injection when processing nested query paramaters"
},
{
"cve": "CVE-2012-2694",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2012-06-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "831581"
}
],
"notes": [
{
"category": "description",
"text": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2694"
},
{
"category": "external",
"summary": "RHBZ#831581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831581"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2694"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2694",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2694"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)"
},
{
"cve": "CVE-2012-2695",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2012-06-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "831573"
}
],
"notes": [
{
"category": "description",
"text": "The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2695"
},
{
"category": "external",
"summary": "RHBZ#831573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2695"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)"
},
{
"cve": "CVE-2012-3424",
"discovery_date": "2012-07-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "843711"
}
],
"notes": [
{
"category": "description",
"text": "The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3424"
},
{
"category": "external",
"summary": "RHBZ#843711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3424",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3424"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3424",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3424"
}
],
"release_date": "2012-07-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest"
},
{
"cve": "CVE-2012-3463",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847196"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: potential XSS vulnerability in select_tag prompt",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3463"
},
{
"category": "external",
"summary": "RHBZ#847196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847196"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3463",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3463"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: potential XSS vulnerability in select_tag prompt"
},
{
"cve": "CVE-2012-3464",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847199"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a \u0027 (quote) character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: potential XSS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3464"
},
{
"category": "external",
"summary": "RHBZ#847199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3464",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3464"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: potential XSS vulnerability"
},
{
"cve": "CVE-2012-3465",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847200"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: XSS Vulnerability in strip_tags",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3465"
},
{
"category": "external",
"summary": "RHBZ#847200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3465",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3465"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: XSS Vulnerability in strip_tags"
},
{
"cve": "CVE-2012-6496",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2012-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "889649"
}
],
"notes": [
{
"category": "description",
"text": "SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: find_by_* SQL Injection",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6496"
},
{
"category": "external",
"summary": "RHBZ#889649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=889649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6496",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6496"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6496",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6496"
},
{
"category": "external",
"summary": "http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html",
"url": "http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html"
}
],
"release_date": "2012-12-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-activerecord: find_by_* SQL Injection"
},
{
"cve": "CVE-2013-0155",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2013-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "892866"
}
],
"notes": [
{
"category": "description",
"text": "Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2660 and CVE-2012-2694.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0155"
},
{
"category": "external",
"summary": "RHBZ#892866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892866"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0155"
}
],
"release_date": "2013-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails"
},
{
"cve": "CVE-2013-0156",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2013-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "892870"
}
],
"notes": [
{
"category": "description",
"text": "active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For details of affected products and workarounds see https://access.redhat.com/knowledge/node/290903",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0156"
},
{
"category": "external",
"summary": "RHBZ#892870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892870"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0156"
}
],
"release_date": "2013-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-01-10T20:39:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0154"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-actionpack-1:3.0.10-11.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activerecord-1:3.0.10-8.el6cf.src",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.noarch",
"6Server-SubscriptionAssetManager11:rubygem-activesupport-1:3.0.10-5.el6cf.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack"
}
]
}
RHSA-2013:0582
Vulnerability from csaf_redhat - Published: 2013-02-28 18:53 - Updated: 2026-04-20 21:35Summary
Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.1 update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Enterprise 1.1.1 is now available.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details: OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS)
solution from Red Hat, and is designed for on-premise or private cloud
deployments.
Installing the updated packages and restarting the OpenShift services are
the only requirements for this update. However, if you are updating your
system to Red Hat Enterprise Linux 6.4 while applying OpenShift Enterprise
1.1.1 updates, it is recommended that you restart your system.
For further information about this release, refer to the OpenShift
Enterprise 1.1.1 Technical Notes, available shortly from
https://access.redhat.com/knowledge/docs/
This update also fixes the following security issues:
Multiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.
A remote attacker could use these flaws to conduct XSS attacks against
users of an application using rubygem-actionpack. (CVE-2012-3463,
CVE-2012-3464, CVE-2012-3465)
It was found that certain methods did not sanitize file names before
passing them to lower layer routines in Ruby. If a Ruby application created
files with names based on untrusted input, it could result in the creation
of files with different names than expected. (CVE-2012-4522)
A denial of service flaw was found in the implementation of associative
arrays (hashes) in Ruby. An attacker able to supply a large number of
inputs to a Ruby application (such as HTTP POST request parameters sent to
a web application) that are used as keys when inserting data into an array
could trigger multiple hash function collisions, making array operations
take an excessive amount of CPU time. To mitigate this issue, a new, more
collision resistant algorithm has been used to reduce the chance of an
attacker successfully causing intentional collisions. (CVE-2012-5371)
Input validation vulnerabilities were discovered in rubygem-activerecord.
A remote attacker could possibly use these flaws to perform an SQL
injection attack against an application using rubygem-activerecord.
(CVE-2012-2661, CVE-2012-2695, CVE-2013-0155)
Input validation vulnerabilities were discovered in rubygem-actionpack. A
remote attacker could possibly use these flaws to perform an SQL injection
attack against an application using rubygem-actionpack and
rubygem-activerecord. (CVE-2012-2660, CVE-2012-2694)
A flaw was found in the HTTP digest authentication implementation in
rubygem-actionpack. A remote attacker could use this flaw to cause a
denial of service of an application using rubygem-actionpack and digest
authentication. (CVE-2012-3424)
A flaw was found in the handling of strings in Ruby safe level 4. A remote
attacker can use Exception#to_s to destructively modify an untainted string
so that it is tainted, the string can then be arbitrarily modified.
(CVE-2012-4466)
A flaw was found in the method for translating an exception message into a
string in the Ruby Exception class. A remote attacker could use this flaw
to bypass safe level 4 restrictions, allowing untrusted (tainted) code to
modify arbitrary, trusted (untainted) strings, which safe level 4
restrictions would otherwise prevent. (CVE-2012-4464)
It was found that ruby_parser from rubygem-ruby_parser created a temporary
file in an insecure way. A local attacker could use this flaw to perform a
symbolic link attack, overwriting arbitrary files accessible to the
application using ruby_parser. (CVE-2013-0162)
The CVE-2013-0162 issue was discovered by Michael Scherer of the Red Hat
Regional IT team.
Users are advised to upgrade to Red Hat OpenShift Enterprise 1.1.1.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2694.
4.0 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.
4.0 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005 regression.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.
4.3 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815.
5.0 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660 and CVE-2012-2694.
6.4 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
2.1 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.
5.0 ()
Affected products
Fixed
142 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
90 references
Acknowledgments
Red Hat Regional IT team
Michael Scherer
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Enterprise 1.1.1 is now available.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS)\nsolution from Red Hat, and is designed for on-premise or private cloud\ndeployments.\n\nInstalling the updated packages and restarting the OpenShift services are\nthe only requirements for this update. However, if you are updating your\nsystem to Red Hat Enterprise Linux 6.4 while applying OpenShift Enterprise\n1.1.1 updates, it is recommended that you restart your system.\n\nFor further information about this release, refer to the OpenShift\nEnterprise 1.1.1 Technical Notes, available shortly from\nhttps://access.redhat.com/knowledge/docs/\n\nThis update also fixes the following security issues:\n\nMultiple cross-site scripting (XSS) flaws were found in rubygem-actionpack.\nA remote attacker could use these flaws to conduct XSS attacks against\nusers of an application using rubygem-actionpack. (CVE-2012-3463,\nCVE-2012-3464, CVE-2012-3465)\n\nIt was found that certain methods did not sanitize file names before\npassing them to lower layer routines in Ruby. If a Ruby application created\nfiles with names based on untrusted input, it could result in the creation\nof files with different names than expected. (CVE-2012-4522)\n\nA denial of service flaw was found in the implementation of associative\narrays (hashes) in Ruby. An attacker able to supply a large number of\ninputs to a Ruby application (such as HTTP POST request parameters sent to\na web application) that are used as keys when inserting data into an array\ncould trigger multiple hash function collisions, making array operations\ntake an excessive amount of CPU time. To mitigate this issue, a new, more\ncollision resistant algorithm has been used to reduce the chance of an\nattacker successfully causing intentional collisions. (CVE-2012-5371)\n\nInput validation vulnerabilities were discovered in rubygem-activerecord.\nA remote attacker could possibly use these flaws to perform an SQL\ninjection attack against an application using rubygem-activerecord.\n(CVE-2012-2661, CVE-2012-2695, CVE-2013-0155)\n\nInput validation vulnerabilities were discovered in rubygem-actionpack. A\nremote attacker could possibly use these flaws to perform an SQL injection\nattack against an application using rubygem-actionpack and\nrubygem-activerecord. (CVE-2012-2660, CVE-2012-2694)\n\nA flaw was found in the HTTP digest authentication implementation in\nrubygem-actionpack. A remote attacker could use this flaw to cause a\ndenial of service of an application using rubygem-actionpack and digest\nauthentication. (CVE-2012-3424)\n\nA flaw was found in the handling of strings in Ruby safe level 4. A remote\nattacker can use Exception#to_s to destructively modify an untainted string\nso that it is tainted, the string can then be arbitrarily modified.\n(CVE-2012-4466)\n\nA flaw was found in the method for translating an exception message into a\nstring in the Ruby Exception class. A remote attacker could use this flaw\nto bypass safe level 4 restrictions, allowing untrusted (tainted) code to\nmodify arbitrary, trusted (untainted) strings, which safe level 4\nrestrictions would otherwise prevent. (CVE-2012-4464)\n\nIt was found that ruby_parser from rubygem-ruby_parser created a temporary\nfile in an insecure way. A local attacker could use this flaw to perform a\nsymbolic link attack, overwriting arbitrary files accessible to the\napplication using ruby_parser. (CVE-2013-0162)\n\nThe CVE-2013-0162 issue was discovered by Michael Scherer of the Red Hat\nRegional IT team.\n\nUsers are advised to upgrade to Red Hat OpenShift Enterprise 1.1.1.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:0582",
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/knowledge/docs/",
"url": "https://access.redhat.com/knowledge/docs/"
},
{
"category": "external",
"summary": "827353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827353"
},
{
"category": "external",
"summary": "827363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827363"
},
{
"category": "external",
"summary": "831573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831573"
},
{
"category": "external",
"summary": "831581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831581"
},
{
"category": "external",
"summary": "843711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843711"
},
{
"category": "external",
"summary": "847196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847196"
},
{
"category": "external",
"summary": "847199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847199"
},
{
"category": "external",
"summary": "847200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847200"
},
{
"category": "external",
"summary": "862598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862598"
},
{
"category": "external",
"summary": "862614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862614"
},
{
"category": "external",
"summary": "865940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865940"
},
{
"category": "external",
"summary": "875236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=875236"
},
{
"category": "external",
"summary": "887353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887353"
},
{
"category": "external",
"summary": "889426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=889426"
},
{
"category": "external",
"summary": "892806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892806"
},
{
"category": "external",
"summary": "892866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892866"
},
{
"category": "external",
"summary": "895347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=895347"
},
{
"category": "external",
"summary": "895355",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=895355"
},
{
"category": "external",
"summary": "902412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=902412"
},
{
"category": "external",
"summary": "902630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=902630"
},
{
"category": "external",
"summary": "903526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=903526"
},
{
"category": "external",
"summary": "903546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=903546"
},
{
"category": "external",
"summary": "905021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=905021"
},
{
"category": "external",
"summary": "905656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=905656"
},
{
"category": "external",
"summary": "906227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=906227"
},
{
"category": "external",
"summary": "906845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=906845"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0582.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.1 update",
"tracking": {
"current_release_date": "2026-04-20T21:35:07+00:00",
"generator": {
"date": "2026-04-20T21:35:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2013:0582",
"initial_release_date": "2013-02-28T18:53:00+00:00",
"revision_history": [
{
"date": "2013-02-28T18:53:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-02-28T19:05:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-20T21:35:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Enterprise Infrastructure",
"product": {
"name": "Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Enterprise Node",
"product": {
"name": "Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:1::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Enterprise JBoss EAP add-on",
"product": {
"name": "Red Hat OpenShift Enterprise JBoss EAP add-on",
"product_id": "6Server-RHOSE-JBOSSEAP",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-actionpack-1:3.0.13-4.el6op.src",
"product": {
"name": "rubygem-actionpack-1:3.0.13-4.el6op.src",
"product_id": "rubygem-actionpack-1:3.0.13-4.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@3.0.13-4.el6op?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"product": {
"name": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"product_id": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-node@1.0.11-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"product": {
"name": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"product_id": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-msg-node-mcollective@1.0.3-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"product": {
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"product_id": "rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ruby_parser@2.0.4-6.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"product_id": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-cron-1.4@1.0.3-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"product_id": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-diy-0.1@1.0.3-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"product_id": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-haproxy-1.4@1.0.4-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"product_id": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jenkins-client-1.4@1.0.2-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"product_id": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-perl-5.10@1.0.3-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"product_id": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-mysql-5.1@1.0.5-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"product_id": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jenkins-1.4@1.0.2-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"product": {
"name": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"product_id": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-postgresql-8.4@1.0.3-2.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"product_id": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-ruby-1.9-scl@1.0.8-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"product_id": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-ruby-1.8@1.0.7-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"product_id": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-php-5.3@1.0.5-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"product": {
"name": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"product_id": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-auth-remote-user@1.0.5-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-broker-0:1.0.11-1.el6op.src",
"product": {
"name": "openshift-origin-broker-0:1.0.11-1.el6op.src",
"product_id": "openshift-origin-broker-0:1.0.11-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-broker@1.0.11-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-console-0:0.0.16-1.el6op.src",
"product": {
"name": "openshift-console-0:0.0.16-1.el6op.src",
"product_id": "openshift-console-0:0.0.16-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-console@0.0.16-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"product": {
"name": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"product_id": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-console@1.0.10-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"product_id": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jbosseap-6.0@1.0.4-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"product": {
"name": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"product_id": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jbossews-1.0@1.0.13-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-bson-0:1.8.1-2.el6op.src",
"product": {
"name": "rubygem-bson-0:1.8.1-2.el6op.src",
"product_id": "rubygem-bson-0:1.8.1-2.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bson@1.8.1-2.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-mongo-0:1.8.1-2.el6op.src",
"product": {
"name": "rubygem-mongo-0:1.8.1-2.el6op.src",
"product_id": "rubygem-mongo-0:1.8.1-2.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-mongo@1.8.1-2.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"product": {
"name": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"product_id": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-controller@1.0.12-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "graphviz-0:2.26.0-10.el6.src",
"product": {
"name": "graphviz-0:2.26.0-10.el6.src",
"product_id": "graphviz-0:2.26.0-10.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/graphviz@2.26.0-10.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "php-0:5.3.3-22.el6.src",
"product": {
"name": "php-0:5.3.3-22.el6.src",
"product_id": "php-0:5.3.3-22.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php@5.3.3-22.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"product": {
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"product_id": "ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-railties@3.2.8-2.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"product": {
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"product_id": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-activerecord@3.2.8-3.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"product": {
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"product_id": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-actionpack@3.2.8-3.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"product": {
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"product_id": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-activemodel@3.2.8-2.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"product": {
"name": "openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"product_id": "openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-broker-util@1.0.15-1.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-0:1.9.3.327-25.el6.src",
"product": {
"name": "ruby193-ruby-0:1.9.3.327-25.el6.src",
"product_id": "ruby193-ruby-0:1.9.3.327-25.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby@1.9.3.327-25.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"product": {
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"product_id": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-ruby_parser@2.3.1-3.el6op?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-1:3.0.13-5.el6op.src",
"product": {
"name": "rubygem-activerecord-1:3.0.13-5.el6op.src",
"product_id": "rubygem-activerecord-1:3.0.13-5.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@3.0.13-5.el6op?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:3.0.13-3.el6op.src",
"product": {
"name": "rubygem-activemodel-0:3.0.13-3.el6op.src",
"product_id": "rubygem-activemodel-0:3.0.13-3.el6op.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@3.0.13-3.el6op?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"product": {
"name": "rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"product_id": "rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@3.0.13-4.el6op?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"product": {
"name": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"product_id": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-node@1.0.11-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"product": {
"name": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"product_id": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-msg-node-mcollective@1.0.3-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"product": {
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"product_id": "rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ruby_parser@2.0.4-6.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"product": {
"name": "rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"product_id": "rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ruby_parser-doc@2.0.4-6.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-cron-1.4@1.0.3-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-diy-0.1@1.0.3-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-haproxy-1.4@1.0.4-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jenkins-client-1.4@1.0.2-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-perl-5.10@1.0.3-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-mysql-5.1@1.0.5-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jenkins-1.4@1.0.2-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"product_id": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-postgresql-8.4@1.0.3-2.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-ruby-1.9-scl@1.0.8-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-ruby-1.8@1.0.7-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-php-5.3@1.0.5-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"product": {
"name": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"product_id": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-auth-remote-user@1.0.5-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"product": {
"name": "openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"product_id": "openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-broker@1.0.11-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-console-0:0.0.16-1.el6op.noarch",
"product": {
"name": "openshift-console-0:0.0.16-1.el6op.noarch",
"product_id": "openshift-console-0:0.0.16-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-console@0.0.16-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"product": {
"name": "rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"product_id": "rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-console-doc@1.0.10-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"product": {
"name": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"product_id": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-console@1.0.10-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jbosseap-6.0@1.0.4-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"product": {
"name": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"product_id": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-cartridge-jbossews-1.0@1.0.13-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-bson-0:1.8.1-2.el6op.noarch",
"product": {
"name": "rubygem-bson-0:1.8.1-2.el6op.noarch",
"product_id": "rubygem-bson-0:1.8.1-2.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bson@1.8.1-2.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-mongo-0:1.8.1-2.el6op.noarch",
"product": {
"name": "rubygem-mongo-0:1.8.1-2.el6op.noarch",
"product_id": "rubygem-mongo-0:1.8.1-2.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-mongo@1.8.1-2.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"product": {
"name": "rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"product_id": "rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-mongo-doc@1.8.1-2.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"product": {
"name": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"product_id": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-openshift-origin-controller@1.0.12-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"product": {
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"product_id": "ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-railties@3.2.8-2.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"product": {
"name": "ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"product_id": "ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-railties-doc@3.2.8-2.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"product": {
"name": "ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"product_id": "ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-activerecord-doc@3.2.8-3.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"product": {
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"product_id": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-activerecord@3.2.8-3.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"product": {
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"product_id": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-actionpack@3.2.8-3.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"product": {
"name": "ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"product_id": "ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-actionpack-doc@3.2.8-3.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"product": {
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"product_id": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-activemodel@3.2.8-2.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"product": {
"name": "ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"product_id": "ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-activemodel-doc@3.2.8-2.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"product": {
"name": "openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"product_id": "openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-origin-broker-util@1.0.15-1.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"product": {
"name": "ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"product_id": "ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygems-devel@1.8.23-25.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"product": {
"name": "ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"product_id": "ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby-irb@1.9.3.327-25.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"product": {
"name": "ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"product_id": "ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-rake@0.9.2.2-25.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygems-0:1.8.23-25.el6.noarch",
"product": {
"name": "ruby193-rubygems-0:1.8.23-25.el6.noarch",
"product_id": "ruby193-rubygems-0:1.8.23-25.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygems@1.8.23-25.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"product": {
"name": "ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"product_id": "ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-minitest@2.5.1-25.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"product": {
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"product_id": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-ruby_parser@2.3.1-3.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"product": {
"name": "ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"product_id": "ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-ruby_parser-doc@2.3.1-3.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"product": {
"name": "rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"product_id": "rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@3.0.13-5.el6op?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"product": {
"name": "rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"product_id": "rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@3.0.13-3.el6op?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"product": {
"name": "rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"product_id": "rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel-doc@3.0.13-3.el6op?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "graphviz-ruby-0:2.26.0-10.el6.x86_64",
"product": {
"name": "graphviz-ruby-0:2.26.0-10.el6.x86_64",
"product_id": "graphviz-ruby-0:2.26.0-10.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/graphviz-ruby@2.26.0-10.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "graphviz-doc-0:2.26.0-10.el6.x86_64",
"product": {
"name": "graphviz-doc-0:2.26.0-10.el6.x86_64",
"product_id": "graphviz-doc-0:2.26.0-10.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/graphviz-doc@2.26.0-10.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "graphviz-gd-0:2.26.0-10.el6.x86_64",
"product": {
"name": "graphviz-gd-0:2.26.0-10.el6.x86_64",
"product_id": "graphviz-gd-0:2.26.0-10.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/graphviz-gd@2.26.0-10.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "graphviz-devel-0:2.26.0-10.el6.x86_64",
"product": {
"name": "graphviz-devel-0:2.26.0-10.el6.x86_64",
"product_id": "graphviz-devel-0:2.26.0-10.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/graphviz-devel@2.26.0-10.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"product": {
"name": "graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"product_id": "graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/graphviz-debuginfo@2.26.0-10.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "graphviz-0:2.26.0-10.el6.x86_64",
"product": {
"name": "graphviz-0:2.26.0-10.el6.x86_64",
"product_id": "graphviz-0:2.26.0-10.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/graphviz@2.26.0-10.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-mbstring-0:5.3.3-22.el6.x86_64",
"product": {
"name": "php-mbstring-0:5.3.3-22.el6.x86_64",
"product_id": "php-mbstring-0:5.3.3-22.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-mbstring@5.3.3-22.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-devel-0:5.3.3-22.el6.x86_64",
"product": {
"name": "php-devel-0:5.3.3-22.el6.x86_64",
"product_id": "php-devel-0:5.3.3-22.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-devel@5.3.3-22.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-process-0:5.3.3-22.el6.x86_64",
"product": {
"name": "php-process-0:5.3.3-22.el6.x86_64",
"product_id": "php-process-0:5.3.3-22.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-process@5.3.3-22.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-bcmath-0:5.3.3-22.el6.x86_64",
"product": {
"name": "php-bcmath-0:5.3.3-22.el6.x86_64",
"product_id": "php-bcmath-0:5.3.3-22.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-bcmath@5.3.3-22.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-debuginfo-0:5.3.3-22.el6.x86_64",
"product": {
"name": "php-debuginfo-0:5.3.3-22.el6.x86_64",
"product_id": "php-debuginfo-0:5.3.3-22.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-debuginfo@5.3.3-22.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "php-imap-0:5.3.3-22.el6.x86_64",
"product": {
"name": "php-imap-0:5.3.3-22.el6.x86_64",
"product_id": "php-imap-0:5.3.3-22.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/php-imap@5.3.3-22.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"product": {
"name": "ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"product_id": "ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-bigdecimal@1.1.0-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"product": {
"name": "ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"product_id": "ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby@1.9.3.327-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"product": {
"name": "ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"product_id": "ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-io-console@0.3-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"product": {
"name": "ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"product_id": "ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby-libs@1.9.3.327-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"product": {
"name": "ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"product_id": "ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-rdoc@3.9.4-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"product": {
"name": "ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"product_id": "ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby-doc@1.9.3.327-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"product": {
"name": "ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"product_id": "ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby-devel@1.9.3.327-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"product": {
"name": "ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"product_id": "ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-rubygem-json@1.5.4-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"product": {
"name": "ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"product_id": "ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby-tcltk@1.9.3.327-25.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"product": {
"name": "ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"product_id": "ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ruby193-ruby-debuginfo@1.9.3.327-25.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "graphviz-0:2.26.0-10.el6.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src"
},
"product_reference": "graphviz-0:2.26.0-10.el6.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "graphviz-0:2.26.0-10.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64"
},
"product_reference": "graphviz-0:2.26.0-10.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "graphviz-debuginfo-0:2.26.0-10.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64"
},
"product_reference": "graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "graphviz-devel-0:2.26.0-10.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64"
},
"product_reference": "graphviz-devel-0:2.26.0-10.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "graphviz-doc-0:2.26.0-10.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64"
},
"product_reference": "graphviz-doc-0:2.26.0-10.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "graphviz-gd-0:2.26.0-10.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64"
},
"product_reference": "graphviz-gd-0:2.26.0-10.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "graphviz-ruby-0:2.26.0-10.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64"
},
"product_reference": "graphviz-ruby-0:2.26.0-10.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-console-0:0.0.16-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch"
},
"product_reference": "openshift-console-0:0.0.16-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-console-0:0.0.16-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src"
},
"product_reference": "openshift-console-0:0.0.16-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-broker-0:1.0.11-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch"
},
"product_reference": "openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-broker-0:1.0.11-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src"
},
"product_reference": "openshift-origin-broker-0:1.0.11-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-broker-util-0:1.0.15-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch"
},
"product_reference": "openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-broker-util-0:1.0.15-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src"
},
"product_reference": "openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-0:1.9.3.327-25.el6.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src"
},
"product_reference": "ruby193-ruby-0:1.9.3.327-25.el6.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch"
},
"product_reference": "ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src"
},
"product_reference": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src"
},
"product_reference": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src"
},
"product_reference": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch"
},
"product_reference": "ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src"
},
"product_reference": "ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch"
},
"product_reference": "ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch"
},
"product_reference": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src"
},
"product_reference": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch"
},
"product_reference": "ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygems-0:1.8.23-25.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch"
},
"product_reference": "ruby193-rubygems-0:1.8.23-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygems-devel-0:1.8.23-25.el6.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch"
},
"product_reference": "ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.13-4.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch"
},
"product_reference": "rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-1:3.0.13-4.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src"
},
"product_reference": "rubygem-actionpack-1:3.0.13-4.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:3.0.13-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch"
},
"product_reference": "rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:3.0.13-3.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src"
},
"product_reference": "rubygem-activemodel-0:3.0.13-3.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch"
},
"product_reference": "rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.13-5.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch"
},
"product_reference": "rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-1:3.0.13-5.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src"
},
"product_reference": "rubygem-activerecord-1:3.0.13-5.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bson-0:1.8.1-2.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch"
},
"product_reference": "rubygem-bson-0:1.8.1-2.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bson-0:1.8.1-2.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src"
},
"product_reference": "rubygem-bson-0:1.8.1-2.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mongo-0:1.8.1-2.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch"
},
"product_reference": "rubygem-mongo-0:1.8.1-2.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mongo-0:1.8.1-2.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src"
},
"product_reference": "rubygem-mongo-0:1.8.1-2.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-mongo-doc-0:1.8.1-2.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch"
},
"product_reference": "rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch"
},
"product_reference": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src"
},
"product_reference": "rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch"
},
"product_reference": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src"
},
"product_reference": "rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch"
},
"product_reference": "rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch"
},
"product_reference": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src"
},
"product_reference": "rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch"
},
"product_reference": "rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.src as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src"
},
"product_reference": "rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch as a component of Red Hat OpenShift Enterprise Infrastructure",
"product_id": "6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
},
"product_reference": "rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-INFRA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch as a component of Red Hat OpenShift Enterprise JBoss EAP add-on",
"product_id": "6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-JBOSSEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src as a component of Red Hat OpenShift Enterprise JBoss EAP add-on",
"product_id": "6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-JBOSSEAP"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src"
},
"product_reference": "openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch"
},
"product_reference": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src"
},
"product_reference": "openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch"
},
"product_reference": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src"
},
"product_reference": "openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-0:5.3.3-22.el6.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src"
},
"product_reference": "php-0:5.3.3-22.el6.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-bcmath-0:5.3.3-22.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64"
},
"product_reference": "php-bcmath-0:5.3.3-22.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-debuginfo-0:5.3.3-22.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64"
},
"product_reference": "php-debuginfo-0:5.3.3-22.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-devel-0:5.3.3-22.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64"
},
"product_reference": "php-devel-0:5.3.3-22.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-imap-0:5.3.3-22.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64"
},
"product_reference": "php-imap-0:5.3.3-22.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-mbstring-0:5.3.3-22.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64"
},
"product_reference": "php-mbstring-0:5.3.3-22.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "php-process-0:5.3.3-22.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64"
},
"product_reference": "php-process-0:5.3.3-22.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-0:1.9.3.327-25.el6.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src"
},
"product_reference": "ruby193-ruby-0:1.9.3.327-25.el6.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch"
},
"product_reference": "ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64"
},
"product_reference": "ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src"
},
"product_reference": "ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src"
},
"product_reference": "ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src"
},
"product_reference": "ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch"
},
"product_reference": "ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-io-console-0:0.3-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-json-0:1.5.4-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch"
},
"product_reference": "ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-railties-0:3.2.8-2.el6.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src"
},
"product_reference": "ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch"
},
"product_reference": "ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch"
},
"product_reference": "ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64 as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64"
},
"product_reference": "ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch"
},
"product_reference": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src"
},
"product_reference": "ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch"
},
"product_reference": "ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygems-0:1.8.23-25.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch"
},
"product_reference": "ruby193-rubygems-0:1.8.23-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby193-rubygems-devel-0:1.8.23-25.el6.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch"
},
"product_reference": "ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:3.0.13-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch"
},
"product_reference": "rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:3.0.13-3.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src"
},
"product_reference": "rubygem-activemodel-0:3.0.13-3.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch"
},
"product_reference": "rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bson-0:1.8.1-2.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch"
},
"product_reference": "rubygem-bson-0:1.8.1-2.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bson-0:1.8.1-2.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src"
},
"product_reference": "rubygem-bson-0:1.8.1-2.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch"
},
"product_reference": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src"
},
"product_reference": "rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch"
},
"product_reference": "rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ruby_parser-0:2.0.4-6.el6op.src as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src"
},
"product_reference": "rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"relates_to_product_reference": "6Server-RHOSE-NODE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch as a component of Red Hat OpenShift Enterprise Node",
"product_id": "6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
},
"product_reference": "rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"relates_to_product_reference": "6Server-RHOSE-NODE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-2660",
"discovery_date": "2012-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "827353"
}
],
"notes": [
{
"category": "description",
"text": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2694.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Unsafe query generation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2660"
},
{
"category": "external",
"summary": "RHBZ#827353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2660",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2660"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2660",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2660"
}
],
"release_date": "2012-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: Unsafe query generation"
},
{
"cve": "CVE-2012-2661",
"discovery_date": "2012-05-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "827363"
}
],
"notes": [
{
"category": "description",
"text": "The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: SQL injection when processing nested query paramaters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2661"
},
{
"category": "external",
"summary": "RHBZ#827363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=827363"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2661",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2661"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2661",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2661"
}
],
"release_date": "2012-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-activerecord: SQL injection when processing nested query paramaters"
},
{
"cve": "CVE-2012-2694",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2012-06-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "831581"
}
],
"notes": [
{
"category": "description",
"text": "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain \"[\u0027xyz\u0027, nil]\" values, a related issue to CVE-2012-2660.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2694"
},
{
"category": "external",
"summary": "RHBZ#831581",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831581"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2694",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2694"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2694",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2694"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: Unsafe query generation (a different flaw than CVE-2012-2660)"
},
{
"cve": "CVE-2012-2695",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2012-06-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "831573"
}
],
"notes": [
{
"category": "description",
"text": "The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2695"
},
{
"category": "external",
"summary": "RHBZ#831573",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=831573"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2695"
}
],
"release_date": "2012-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)"
},
{
"cve": "CVE-2012-3424",
"discovery_date": "2012-07-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "843711"
}
],
"notes": [
{
"category": "description",
"text": "The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3424"
},
{
"category": "external",
"summary": "RHBZ#843711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3424",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3424"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3424",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3424"
}
],
"release_date": "2012-07-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest"
},
{
"cve": "CVE-2012-3463",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847196"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: potential XSS vulnerability in select_tag prompt",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3463"
},
{
"category": "external",
"summary": "RHBZ#847196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847196"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3463",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3463"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: potential XSS vulnerability in select_tag prompt"
},
{
"cve": "CVE-2012-3464",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847199"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a \u0027 (quote) character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: potential XSS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3464"
},
{
"category": "external",
"summary": "RHBZ#847199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3464",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3464"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: potential XSS vulnerability"
},
{
"cve": "CVE-2012-3465",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2012-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "847200"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-actionpack: XSS Vulnerability in strip_tags",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3465"
},
{
"category": "external",
"summary": "RHBZ#847200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3465",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3465"
}
],
"release_date": "2012-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-actionpack: XSS Vulnerability in strip_tags"
},
{
"cve": "CVE-2012-4464",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2012-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "862598"
}
],
"notes": [
{
"category": "description",
"text": "Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainted, a different vulnerability than CVE-2012-4466. NOTE: this issue might exist because of a CVE-2011-1005 regression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "1.9.3: Possibility to bypass Ruby\u0027s $SAFE (level 4) semantics",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Not vulnerable. This issue did not affect the versions of ruby as shipped with Red Hat Enterprise Linux 5 and 6 as they did not provide version 1.9.x, which is the vulnerable version of ruby.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4464"
},
{
"category": "external",
"summary": "RHBZ#862598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4464",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4464"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4464",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4464"
}
],
"release_date": "2012-09-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "1.9.3: Possibility to bypass Ruby\u0027s $SAFE (level 4) semantics"
},
{
"cve": "CVE-2012-4466",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2012-10-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "862614"
}
],
"notes": [
{
"category": "description",
"text": "Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby: safe level bypass via name_err_mesg_to_str()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4466"
},
{
"category": "external",
"summary": "RHBZ#862614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4466",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4466"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4466",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4466"
}
],
"release_date": "2012-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ruby: safe level bypass via name_err_mesg_to_str()"
},
{
"cve": "CVE-2012-4522",
"cwe": {
"id": "CWE-626",
"name": "Null Byte Interaction Error (Poison Null Byte)"
},
"discovery_date": "2012-10-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "865940"
}
],
"notes": [
{
"category": "description",
"text": "The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby: unintentional file creation caused by inserting an illegal NUL character",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of ruby as shipped with Red Hat Enterprise Linux 6.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-4522"
},
{
"category": "external",
"summary": "RHBZ#865940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865940"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-4522",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4522"
}
],
"release_date": "2012-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ruby: unintentional file creation caused by inserting an illegal NUL character"
},
{
"cve": "CVE-2012-5371",
"discovery_date": "2012-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "875236"
}
],
"notes": [
{
"category": "description",
"text": "Ruby (aka CRuby) 1.9 before 1.9.3-p327 and 2.0 before r37575 computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against a variant of the MurmurHash2 algorithm, a different vulnerability than CVE-2011-4815.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Not vulnerable. This issue did not affect the versions of ruby as shipped with Red Hat Enterprise Linux 5 and 6.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-5371"
},
{
"category": "external",
"summary": "RHBZ#875236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=875236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-5371",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5371"
}
],
"release_date": "2012-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ruby: Murmur hash-flooding DoS flaw in ruby 1.9 (oCERT-2012-001)"
},
{
"cve": "CVE-2013-0155",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2013-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "892866"
}
],
"notes": [
{
"category": "description",
"text": "Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2660 and CVE-2012-2694.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0155"
},
{
"category": "external",
"summary": "RHBZ#892866",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892866"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0155"
}
],
"release_date": "2013-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-activerecord: Unsafe Query Generation Risk in Ruby on Rails"
},
{
"acknowledgments": [
{
"names": [
"Michael Scherer"
],
"organization": "Red Hat Regional IT team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2013-0162",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2013-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "892806"
}
],
"notes": [
{
"category": "description",
"text": "The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-ruby_parser: incorrect temporary file usage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0162"
},
{
"category": "external",
"summary": "RHBZ#892806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892806"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0162",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0162"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0162",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0162"
}
],
"release_date": "2013-01-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "rubygem-ruby_parser: incorrect temporary file usage"
},
{
"cve": "CVE-2013-0276",
"discovery_date": "2013-02-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "909528"
}
],
"notes": [
{
"category": "description",
"text": "ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0276"
},
{
"category": "external",
"summary": "RHBZ#909528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=909528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0276",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0276"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0276",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0276"
}
],
"release_date": "2013-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-02-28T18:53:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
"product_ids": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:0582"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.src",
"6Server-RHOSE-INFRA:graphviz-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-debuginfo-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-devel-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-doc-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-gd-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:graphviz-ruby-0:2.26.0-10.el6.x86_64",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-console-0:0.0.16-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-0:1.0.11-1.el6op.src",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.noarch",
"6Server-RHOSE-INFRA:openshift-origin-broker-util-0:1.0.15-1.el6op.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-INFRA:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-INFRA:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-actionpack-1:3.0.13-4.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-INFRA:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-activerecord-1:3.0.13-5.el6op.src",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-mongo-0:1.8.1-2.el6op.src",
"6Server-RHOSE-INFRA:rubygem-mongo-doc-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-auth-remote-user-0:1.0.5-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-0:1.0.10-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-console-doc-0:1.0.10-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-openshift-origin-controller-0:1.0.12-1.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-INFRA:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-JBOSSEAP:openshift-origin-cartridge-jbosseap-6.0-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-cron-1.4-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-diy-0.1-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-haproxy-1.4-0:1.0.4-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jbossews-1.0-0:1.0.13-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-jenkins-client-1.4-0:1.0.2-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-mysql-5.1-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-perl-5.10-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-php-5.3-0:1.0.5-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-postgresql-8.4-0:1.0.3-2.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.8-0:1.0.7-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-cartridge-ruby-1.9-scl-0:1.0.8-1.el6op.src",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.noarch",
"6Server-RHOSE-NODE:openshift-origin-msg-node-mcollective-0:1.0.3-1.el6op.src",
"6Server-RHOSE-NODE:php-0:5.3.3-22.el6.src",
"6Server-RHOSE-NODE:php-bcmath-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-debuginfo-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-devel-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-imap-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-mbstring-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:php-process-0:5.3.3-22.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.src",
"6Server-RHOSE-NODE:ruby193-ruby-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-debuginfo-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-devel-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-doc-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-irb-0:1.9.3.327-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-ruby-libs-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-ruby-tcltk-0:1.9.3.327-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-actionpack-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activemodel-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-1:3.2.8-3.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-activerecord-doc-1:3.2.8-3.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-bigdecimal-0:1.1.0-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-io-console-0:0.3-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-json-0:1.5.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-minitest-0:2.5.1-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-0:3.2.8-2.el6.src",
"6Server-RHOSE-NODE:ruby193-rubygem-railties-doc-0:3.2.8-2.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rake-0:0.9.2.2-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-rdoc-0:3.9.4-25.el6.x86_64",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-0:2.3.1-3.el6op.src",
"6Server-RHOSE-NODE:ruby193-rubygem-ruby_parser-doc-0:2.3.1-3.el6op.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:ruby193-rubygems-devel-0:1.8.23-25.el6.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-activemodel-0:3.0.13-3.el6op.src",
"6Server-RHOSE-NODE:rubygem-activemodel-doc-0:3.0.13-3.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-bson-0:1.8.1-2.el6op.src",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-openshift-origin-node-0:1.0.11-1.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.noarch",
"6Server-RHOSE-NODE:rubygem-ruby_parser-0:2.0.4-6.el6op.src",
"6Server-RHOSE-NODE:rubygem-ruby_parser-doc-0:2.0.4-6.el6op.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…