Oval Definition:	oval:org.opensuse.security:def:20157577
Revision Date: 2022-05-22 Version: 1 Title: CVE-2015-7577 Description: activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy option, which allows remote attackers to bypass intended change restrictions by leveraging use of the nested attributes feature. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-7577 Mitre CVE-2015-7577 SUSE CVE-2015-7577 openSUSE-SU-2016:0363-1 openSUSE-SU-2016:0363-1 openSUSE-SU-2016:0372-1 openSUSE-SU-2016:0372-1 SUSE-SU-2016:0458-1 SUSE-SU-2016:0458-1 SUSE-SU-2016:0598-1 SUSE-SU-2016:0598-1 SUSE-SU-2016:0619-1 SUSE-SU-2016:0619-1 SUSE-SU-2016:1146-1 SUSE-SU-2016:1146-1 SUSE-SU-2017:0475-1 SUSE-SU-2017:0475-1 Platform(s): openSUSE 13.2 openSUSE Leap 42.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE OpenStack Cloud 5 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND portus-2.0.3-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND rubygem-activerecord-3_2-3.2.12-0.15 is installed Definition Synopsis SUSE OpenStack Cloud 5 is installed AND Package Information ruby2.1-rubygem-activerecord-4_1-4.1.9-9 is installed OR rubygem-activerecord-4_1-4.1.9-9 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND ruby2.1-rubygem-activerecord-4_2-4.2.2-5 is installed Definition Synopsis openSUSE 13.2 is installed AND Package Information rubygem-actionpack-3_2-3.2.17-3.7.1 is installed OR rubygem-actionpack-3_2-doc-3.2.17-3.7.1 is installed OR rubygem-activerecord-3_2-3.2.17-3.3.1 is installed OR rubygem-activerecord-3_2-doc-3.2.17-3.3.1 is installed OR rubygem-activesupport-3_2-3.2.17-2.6.1 is installed OR rubygem-activesupport-3_2-doc-3.2.17-2.6.1 is installed Definition Synopsis openSUSE Leap 42.1 is installed AND Package Information ruby2.1-rubygem-actionpack-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionpack-4_2 is signed with openSUSE key OR ruby2.1-rubygem-actionpack-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionpack-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-actionview-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionview-4_2 is signed with openSUSE key OR ruby2.1-rubygem-actionview-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionview-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activemodel-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activemodel-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activemodel-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activemodel-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activerecord-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activerecord-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activerecord-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activerecord-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activesupport-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activesupport-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activesupport-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activesupport-doc-4_2 is signed with openSUSE key OR rubygem-actionpack-4_2-4.2.4-6.1 is installed AND rubygem-actionpack-4_2 is signed with openSUSE key OR rubygem-actionview-4_2-4.2.4-6.1 is installed AND rubygem-actionview-4_2 is signed with openSUSE key OR rubygem-activemodel-4_2-4.2.4-6.1 is installed AND rubygem-activemodel-4_2 is signed with openSUSE key OR rubygem-activerecord-4_2-4.2.4-6.1 is installed AND rubygem-activerecord-4_2 is signed with openSUSE key OR rubygem-activesupport-4_2-4.2.4-6.1 is installed AND rubygem-activesupport-4_2 is signed with openSUSE key Definition Synopsis SUSE OpenStack Cloud 7 is installed AND rubygem-activesupport-4_2 is affected Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND rubygem-activerecord-3_2-3.2.12-0.15.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 12 is installed OR SUSE Linux Enterprise Module for Containers 12 is installed OR SUSE Linux Enterprise Server 12 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND portus-2.0.3-2.4 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ruby2.1-rubygem-activesupport-4_2 is affected Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND ruby2.1-rubygem-activesupport-4_2 is affected
BACK