Oval Definition:oval:org.opensuse.security:def:20143514
Revision Date:2022-06-30Version:1
Title:CVE-2014-3514
Description:

activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes create_with calls.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-3514
Mitre CVE-2014-3514
SUSE CVE-2014-3514
Platform(s):openSUSE Tumbleweed
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-railties-4_2-4.2.2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND ruby2.5-rubygem-railties-5_1-5.1.4-1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 is installed
  • OR SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-railties-5_1-5.1.4-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND rubygem-railties-4_2 is affected
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-railties-5_1-5.1.4-1 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • ruby2.2-rubygem-railties-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.2-rubygem-railties-5_0-5.0.0.1-1.1 is installed
  • OR ruby2.2-rubygem-railties-doc-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.2-rubygem-railties-doc-5_0-5.0.0.1-1.1 is installed
  • OR ruby2.3-rubygem-railties-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.3-rubygem-railties-5_0-5.0.0.1-1.1 is installed
  • OR ruby2.3-rubygem-railties-doc-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.3-rubygem-railties-doc-5_0-5.0.0.1-1.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-railties-5_1-5.1.4-1.27 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 is installed
  • OR SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND ruby2.5-rubygem-railties-5_1-5.1.4-1.27 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ruby2.1-rubygem-railties-4_2 is affected
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND ruby2.1-rubygem-railties-4_2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP1 is installed
  • OR SUSE Linux Enterprise Server 15 SP1 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • OR SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND ruby2.5-rubygem-railties-5_1-5.1.4-1.27 is installed
    • BACK