Oval Definition:
oval:com.ubuntu.cosmic:def:201620980000000
Revision Date
:
2016-04-07
Version
:
1
Title
:
CVE-2016-2098 on Ubuntu 18.10 (cosmic) - medium.
Description
:
Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2016-2098
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
rails package in cosmic, is related to the CVE in some way and has been fixed (note: '2:4.2.5.2-1').
BACK