Oval Definition:oval:org.opensuse.security:def:20131854
Revision Date:2021-08-15Version:1
Title:CVE-2013-1854
Description:

The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attackers to cause a denial of service via crafted input to a where method.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2013-1854
Mitre CVE-2013-1854
SUSE CVE-2013-1854
openSUSE-SU-2013:0659-1
openSUSE-SU-2013:0659-1
openSUSE-SU-2013:0660-1
openSUSE-SU-2013:0660-1
openSUSE-SU-2013:0664-1
openSUSE-SU-2013:0664-1
openSUSE-SU-2013:0667-1
openSUSE-SU-2013:0667-1
openSUSE-SU-2013:0668-1
openSUSE-SU-2013:0668-1
SUSE-SU-2013:0707-1
SUSE-SU-2013:0707-1
SUSE-SU-2013:0707-2
SUSE-SU-2013:0707-2
SUSE-SU-2013:1036-1
SUSE-SU-2013:1036-1
Platform(s):BDK 11 SP2
openSUSE 12.1
openSUSE 12.1 Update
openSUSE 12.2 Update
openSUSE 12.3 Update
SUSE Cloud 1.0
SUSE Lifecycle Management Server 1.3
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Studio Extension for System z 1.2
SUSE Studio Onsite 1.2 [Appliance - Studio]
SUSE Studio Onsite 1.3
SUSE Studio Standard Edition 1.2
WebYaST 1.2
WebYaST 1.3
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND rubygem-activerecord-3_2-3.2.12-0.11 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
  • AND
  • rubygem-actionpack-2_3-2.3.17-0.11 is installed
  • OR rubygem-activerecord-2_3-2.3.17-0.11 is installed
  • OR rubygem-activesupport-2_3-2.3.17-0.11 is installed
  • OR rubygem-activesupport-3_2-3.2.12-0.5 is installed
  • OR rubygem-rack-1_4-1.4.5-0.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
  • AND Package Information
  • rubygem-actionpack-2_3-2.3.17-0.11.1 is installed
  • OR rubygem-activerecord-2_3-2.3.17-0.11.1 is installed
  • OR rubygem-activesupport-2_3-2.3.17-0.11.1 is installed
  • OR rubygem-activesupport-3_2-3.2.12-0.5.8 is installed
  • OR rubygem-rack-1_4-1.4.5-0.5.8 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND rubygem-activerecord-3_2-3.2.12-0.11.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
  • AND
  • rubygem-actionpack-2_3-2.3.17-0.11.1 is installed
  • OR rubygem-activerecord-2_3-2.3.17-0.11.1 is installed
  • OR rubygem-activesupport-2_3-2.3.17-0.11.1 is installed
  • OR rubygem-activesupport-3_2-3.2.12-0.5.8 is installed
  • OR rubygem-rack-1_4-1.4.5-0.5.8 is installed
    • BACK