Oval Definition:	oval:com.ubuntu.precise:def:20153227000
Revision Date: 2015-07-26 Version: 1 Title: CVE-2015-3227 on Ubuntu 12.04 LTS (precise) - low. Description: The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-3227 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'rails' package in precise is not affected (note: 'contains no code'). OR The vulnerability of the 'ruby-actionpack-2.3' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'ruby-activerecord-2.3' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'ruby-activesupport-2.3' package in precise is not known (status: 'needs-triage'). It is pending evaluation. OR The vulnerability of the 'ruby-rails-2.3' package in precise is not known (status: 'needs-triage'). It is pending evaluation.
BACK