Oval Definition:oval:org.opensuse.security:def:20153226
Revision Date:2022-06-30Version:1
Title:CVE-2015-3226
Description:

Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active Support in Ruby on Rails 3.x and 4.1.x before 4.1.11 and 4.2.x before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted Hash that is mishandled during JSON encoding.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2015-3226
Mitre CVE-2015-3226
SUSE CVE-2015-3226
SUSE-SU-2016:0082-1
SUSE-SU-2016:0082-1
Platform(s):openSUSE Tumbleweed
SUSE OpenStack Cloud 5
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 5 is installed
  • AND Package Information
  • ruby2.1-rubygem-activesupport-4_1-4.1.9-9 is installed
  • OR rubygem-activesupport-4_1-4.1.9-9 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-activesupport-4_2-4.2.2-2 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • rubygem-actionmailer-4_2 is affected
  • OR rubygem-actionpack-4_2 is affected
  • OR rubygem-actionview-4_2 is affected
  • OR rubygem-activejob-4_2 is affected
  • OR rubygem-activemodel-4_2 is affected
  • OR rubygem-activerecord-4_2 is affected
  • OR rubygem-activesupport-4_2 is affected
  • OR rubygem-rails-4_2 is affected
  • OR rubygem-railties-4_2 is affected
  • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • ruby2.2-rubygem-activesupport-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.2-rubygem-activesupport-5_0-5.0.0.1-1.1 is installed
  • OR ruby2.2-rubygem-activesupport-doc-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.2-rubygem-activesupport-doc-5_0-5.0.0.1-1.1 is installed
  • OR ruby2.3-rubygem-activesupport-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.3-rubygem-activesupport-5_0-5.0.0.1-1.1 is installed
  • OR ruby2.3-rubygem-activesupport-doc-4_2-4.2.7.1-1.1 is installed
  • OR ruby2.3-rubygem-activesupport-doc-5_0-5.0.0.1-1.1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ruby2.1-rubygem-actionmailer-4_2 is affected
  • OR ruby2.1-rubygem-actionpack-4_2 is affected
  • OR ruby2.1-rubygem-actionview-4_2 is affected
  • OR ruby2.1-rubygem-activejob-4_2 is affected
  • OR ruby2.1-rubygem-activemodel-4_2 is affected
  • OR ruby2.1-rubygem-activerecord-4_2 is affected
  • OR ruby2.1-rubygem-activesupport-4_2 is affected
  • OR ruby2.1-rubygem-rails-4_2 is affected
  • OR ruby2.1-rubygem-railties-4_2 is affected
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-actionmailer-4_2 is affected
  • OR ruby2.1-rubygem-actionpack-4_2 is affected
  • OR ruby2.1-rubygem-actionview-4_2 is affected
  • OR ruby2.1-rubygem-activejob-4_2 is affected
  • OR ruby2.1-rubygem-activemodel-4_2 is affected
  • OR ruby2.1-rubygem-activerecord-4_2 is affected
  • OR ruby2.1-rubygem-activesupport-4_2 is affected
  • OR ruby2.1-rubygem-rails-4_2 is affected
  • OR ruby2.1-rubygem-railties-4_2 is affected
  • BACK