Oval Definition:	oval:org.opensuse.security:def:20160752
Revision Date: 2022-05-22 Version: 1 Title: CVE-2016-0752 Description: Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-0752 Mitre CVE-2016-0752 SUSE CVE-2016-0752 openSUSE-SU-2016:0363-1 openSUSE-SU-2016:0363-1 openSUSE-SU-2016:0372-1 openSUSE-SU-2016:0372-1 SUSE-SU-2016:0456-1 SUSE-SU-2016:0456-1 SUSE-SU-2016:0457-1 SUSE-SU-2016:0457-1 SUSE-SU-2016:0599-1 SUSE-SU-2016:0599-1 SUSE-SU-2016:0618-1 SUSE-SU-2016:0618-1 SUSE-SU-2016:0858-1 SUSE-SU-2016:0858-1 SUSE-SU-2016:1146-1 SUSE-SU-2016:1146-1 SUSE-SU-2017:0475-1 SUSE-SU-2017:0475-1 Platform(s): openSUSE 13.2 openSUSE Leap 42.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE OpenStack Cloud 5 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND portus-2.0.3-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND rubygem-actionpack-3_2-3.2.12-0.23 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information ruby2.1-rubygem-actionpack-4_2-4.2.2-6 is installed OR ruby2.1-rubygem-actionview-4_2-4.2.2-5 is installed Definition Synopsis openSUSE 13.2 is installed AND Package Information rubygem-actionpack-3_2-3.2.17-3.7.1 is installed OR rubygem-actionpack-3_2-doc-3.2.17-3.7.1 is installed OR rubygem-activerecord-3_2-3.2.17-3.3.1 is installed OR rubygem-activerecord-3_2-doc-3.2.17-3.3.1 is installed OR rubygem-activesupport-3_2-3.2.17-2.6.1 is installed OR rubygem-activesupport-3_2-doc-3.2.17-2.6.1 is installed Definition Synopsis SUSE OpenStack Cloud 5 is installed AND Package Information ruby2.1-rubygem-actionpack-4_1-4.1.9-9 is installed OR ruby2.1-rubygem-actionview-4_1-4.1.9-9 is installed OR rubygem-actionpack-4_1-4.1.9-9 is installed OR rubygem-actionview-4_1-4.1.9-9 is installed Definition Synopsis openSUSE Leap 42.1 is installed AND Package Information ruby2.1-rubygem-actionpack-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionpack-4_2 is signed with openSUSE key OR ruby2.1-rubygem-actionpack-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionpack-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-actionview-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionview-4_2 is signed with openSUSE key OR ruby2.1-rubygem-actionview-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-actionview-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activemodel-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activemodel-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activemodel-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activemodel-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activerecord-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activerecord-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activerecord-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activerecord-doc-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activesupport-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activesupport-4_2 is signed with openSUSE key OR ruby2.1-rubygem-activesupport-doc-4_2-4.2.4-6.1 is installed AND ruby2.1-rubygem-activesupport-doc-4_2 is signed with openSUSE key OR rubygem-actionpack-4_2-4.2.4-6.1 is installed AND rubygem-actionpack-4_2 is signed with openSUSE key OR rubygem-actionview-4_2-4.2.4-6.1 is installed AND rubygem-actionview-4_2 is signed with openSUSE key OR rubygem-activemodel-4_2-4.2.4-6.1 is installed AND rubygem-activemodel-4_2 is signed with openSUSE key OR rubygem-activerecord-4_2-4.2.4-6.1 is installed AND rubygem-activerecord-4_2 is signed with openSUSE key OR rubygem-activesupport-4_2-4.2.4-6.1 is installed AND rubygem-activesupport-4_2 is signed with openSUSE key Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information rubygem-actionmailer-4_2 is affected OR rubygem-activemodel-4_2 is affected Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-actionmailer-4_2 is affected OR ruby2.1-rubygem-activemodel-4_2 is affected Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND rubygem-actionpack-3_2-3.2.12-0.23.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 12 is installed OR SUSE Linux Enterprise Module for Containers 12 is installed OR SUSE Linux Enterprise Server 12 is installed OR SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP4 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND portus-2.0.3-2.4 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-actionmailer-4_2 is affected OR ruby2.1-rubygem-activemodel-4_2 is affected
BACK