Oval Definition:	oval:org.opensuse.security:def:20153224
Revision Date: 2022-06-30 Version: 1 Title: CVE-2015-3224 Description: request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2015-3224 SUSE CVE-2015-3224 Platform(s): openSUSE Tumbleweed Product(s): Definition Synopsis openSUSE Tumbleweed is installed AND Package Information ruby2.7-rubygem-web-console-4.1.0-1.5 is installed OR ruby3.0-rubygem-web-console-4.1.0-1.5 is installed
BACK