Oval Definition:	oval:com.ubuntu.trusty:def:20153227000
Revision Date: 2015-07-26 Version: 1 Title: CVE-2015-3227 on Ubuntu 14.04 LTS (trusty) - low. Description: The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-3227 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND Package Information NOT While related to the CVE in some way, the 'rails' package in trusty is not affected (note: 'contains no code'). OR NOT While related to the CVE in some way, the 'rails-4.0' package in trusty is not affected (note: '4.0.2+dfsg-2'). OR NOT While related to the CVE in some way, the 'ruby-actionpack-3.2' package in trusty is not affected (note: 'code not present'). OR NOT While related to the CVE in some way, the 'ruby-activerecord-3.2' package in trusty is not affected (note: 'code not present'). OR The 'ruby-activesupport-3.2' package in trusty is affected and needs fixing. OR NOT While related to the CVE in some way, the 'ruby-rails-3.2' package in trusty is not affected (note: 'code not present').
BACK