Vulnerability Name:

CVE-2013-1857 (CCN-82923)

Assigned:2013-03-18
Published:2013-03-18
Updated:2019-08-08
Summary: The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded &#x3a; (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a &#x3a; sequence.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Cross-Site Scripting
References:Source: MITRE
Type: CNA
CVE-2013-1857

Source: APPLE
Type: UNKNOWN
APPLE-SA-2013-06-04-1

Source: APPLE
Type: UNKNOWN
APPLE-SA-2013-10-22-5

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2013:0661

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2013:0662

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2014:0019

Source: CCN
Type: RHSA-2013-0698
Moderate: rubygem-actionpack and ruby193-rubygem-actionpack security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:0698

Source: CCN
Type: RHSA-2014-1863
Important: Subscription Asset Manager 1.4 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2014:1863

Source: CCN
Type: SA52656
Ruby on Rails Multiple Vulnerabilities

Source: CCN
Type: Apple Web site
About the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT5784

Source: CCN
Type: Ruby on Rails Web Site
Rails 3.2.13, 3.1.12, and 2.3.18 have been released!

Source: CONFIRM
Type: UNKNOWN
http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/

Source: CCN
Type: IBM Security Bulletin 1646819
IBM Security Network Protection can be affected by Cross-Site Scripting and Symbol Denial of Service vulnerabilities in Ruby on Rails (CVE-2013-1854, CVE-2013-1857, CVE-2013-1855)

Source: DEBIAN
Type: DSA-2655
rails -- several vulnerabilities

Source: CCN
Type: BID-58555
Ruby on Rails CVE-2013-1857 Cross Site Scripting Vulnerability

Source: XF
Type: UNKNOWN
rubyonrails-cve20131857-xss(82923)

Source: MLIST
Type: UNKNOWN
[rubyonrails-security] 20130318 [CVE-2013-1857] XSS Vulnerability in the `sanitize` helper of Ruby on Rails

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2013-1857

Vulnerable Configuration:Configuration 1:
  • cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/a:rubyonrails:rails:0.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.9.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.10.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.11.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.11.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.12.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.13.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.13.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.14.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.14.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.14.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:0.14.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.2.0:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:1.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.9:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:2.3.16:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:0.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:* (Version <= 2.3.17)

  • Configuration 3:
  • cpe:/a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.4:-:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:ruby_on_rails:3.1.11:*:*:*:*:*:*:*

  • Configuration 5:
  • cpe:/a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:rubyonrails:rails:3.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.4:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.7:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.10:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.2:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.4:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.1:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.1.5:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.6:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.8:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.5:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.9:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.13:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.12:-:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*
  • AND
  • cpe:/o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:26181 | P | Security update for mozilla-nss (Important) | 2021-12-06
    oval:org.opensuse.security:def:26117 | P | Security update for xen (Important) | 2021-09-02
    oval:org.opensuse.security:def:26105 | P | Security update for MozillaFirefox (Important) | 2021-08-17
    oval:org.opensuse.security:def:26106 | P | Security update for libmspack (Moderate) | 2021-08-17
    oval:org.opensuse.security:def:20131857 | V | CVE-2013-1857 | 2021-08-15
    oval:org.opensuse.security:def:36556 | P | rubygem-actionpack-3_2-3.2.12-0.19.1 on GA media (Moderate) | 2021-06-08
    oval:org.opensuse.security:def:26784 | P | mono-core on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:27519 | P | nagios on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26531 | P | coolkey on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26823 | P | star on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26309 | P | Security update for haproxy (Important) | 2020-12-01
    oval:org.opensuse.security:def:27554 | P | rubygem-actionpack-3_2 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26682 | P | cyrus-imapd on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26837 | P | vte on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26390 | P | Security update for ark (Low) | 2020-12-01
    oval:org.opensuse.security:def:26735 | P | libMagickCore1-32bit on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26881 | P | dbus-1 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26447 | P | Security update for pdns (Important) | 2020-12-01
    oval:org.mitre.oval:def:17839 | P | DSA-2655-1 rails - several | 2014-06-23
    oval:com.ubuntu.artful:def:20131857000 | V | CVE-2013-1857 on Ubuntu 17.10 (artful) - medium. | 2013-03-19
    oval:com.ubuntu.trusty:def:20131857000 | V | CVE-2013-1857 on Ubuntu 14.04 LTS (trusty) - medium. | 2013-03-19
    oval:com.ubuntu.cosmic:def:201318570000000 | V | CVE-2013-1857 on Ubuntu 18.10 (cosmic) - medium. | 2013-03-19
    oval:com.ubuntu.bionic:def:20131857000 | V | CVE-2013-1857 on Ubuntu 18.04 LTS (bionic) - medium. | 2013-03-19
    oval:com.ubuntu.xenial:def:20131857000 | V | CVE-2013-1857 on Ubuntu 16.04 LTS (xenial) - medium. | 2013-03-19
    oval:com.ubuntu.bionic:def:201318570000000 | V | CVE-2013-1857 on Ubuntu 18.04 LTS (bionic) - medium. | 2013-03-19
    oval:com.ubuntu.cosmic:def:20131857000 | V | CVE-2013-1857 on Ubuntu 18.10 (cosmic) - medium. | 2013-03-19
    oval:com.ubuntu.xenial:def:201318570000000 | V | CVE-2013-1857 on Ubuntu 16.04 LTS (xenial) - medium. | 2013-03-19
    oval:com.ubuntu.precise:def:20131857000 | V | CVE-2013-1857 on Ubuntu 12.04 LTS (precise) - medium. | 2013-03-19