This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
bb0ef21d-0e1b-461b-bc3d-9cba39948888 | rails -- multiple vulnerabilities Ruby on Rails blog:
Discovery 2016-01-25 Entry 2016-02-02 rubygem-actionpack < 3.2.22.1 rubygem-actionpack4 < 4.2.5.1 rubygem-actionview < 4.2.5.1 rubygem-activemodel4 < 4.2.5.1 rubygem-activerecord < 3.2.22.1 rubygem-activerecord4 < 4.2.5.1 rubygem-rails < 3.2.22.1 rubygem-rails-html-sanitizer < 1.0.3 rubygem-rails4 < 4.2.5.1 CVE-2015-7576 CVE-2015-7577 CVE-2015-7581 CVE-2016-0751 CVE-2016-0752 CVE-2016-0753 https://groups.google.com/d/msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ https://groups.google.com/d/msg/rubyonrails-security/cawsWcQ6c8g/tegZtYdbFQAJ https://groups.google.com/d/msg/rubyonrails-security/dthJ5wL69JE/YzPnFelbFQAJ https://groups.google.com/d/msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ https://groups.google.com/d/msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ https://groups.google.com/d/msg/rubyonrails-security/6jQVC1geukQ/8oYETcxbFQAJ http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/ |
db0c4b00-a24c-11e2-9601-000d601460a4 | rubygem-rails -- multiple vulnerabilities Ruby on Rails team reports:
Discovery 2013-03-18 Entry 2013-04-10 rubygem-rails < 3.2.13 rubygem-actionpack < 3.2.13 rubygem-activerecord < 3.2.13 rubygem-activesupport < 3.2.13 CVE-2013-1854 CVE-2013-1856 CVE-2013-1856 CVE-2013-1857 http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/ https://groups.google.com/forum/#!topic/ruby-security-ann/o0Dsdk2WrQ0 https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/4_QHo4BqnN8 https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/KZwsQbYsOiI https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/zAAU7vGTPvI |
6a806960-3016-44ed-8575-8614a7cb57c7 | rails -- multiple vulnerabilities Rails weblog:
Discovery 2013-12-03 Entry 2013-12-08 Modified 2014-04-23 rubygem-actionmailer < 3.2.16 rubygem-actionpack < 3.2.16 rubygem-activemodel < 3.2.16 rubygem-activerecord < 3.2.16 rubygem-activeresource < 3.2.16 rubygem-activesupport < 3.2.16 rubygem-rails < 3.2.16 rubygem-railties < 3.2.16 rubygem-actionpack4 < 4.0.2 rubygem-activesupport4 < 4.0.2 CVE-2013-4491 CVE-2013-6414 CVE-2013-6415 CVE-2013-6416 CVE-2013-6417 http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/ |
be77eff6-ca91-11e0-aea3-00215c6a37bb | rubygem-rails -- multiple vulnerabilities SecurityFocus reports:
Discovery 2011-08-16 Entry 2011-08-19 rubygem-rails < 3.0.10 49179 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b http://groups.google.com/group/rubyonrails-security/browse_thread/thread/3420ac71aed312d6 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6ffc93bde0298768 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b9130749b74ea12 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/56bffb5923ab1195 |
5a016dd0-8aa8-490e-a596-55f4cc17e4ef | rails -- multiple vulnerabilities Ruby on Rails blog:
Discovery 2016-02-29 Entry 2016-03-06 rubygem-actionpack < 3.2.22.2 rubygem-actionpack4 < 4.2.5.2 rubygem-actionview < 4.2.5.2 rubygem-rails < 3.2.22.2 rubygem-rails4 < 4.2.5.2 CVE-2016-2097 CVE-2016-2098 https://groups.google.com/d/msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ https://groups.google.com/d/msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ http://weblog.rubyonrails.org/2016/2/29/Rails-4-2-5-2-4-1-14-2-3-2-22-2-have-been-released/ |
eb8a8978-8dd5-49ce-87f4-49667b2166dd | rubygem-rails -- multiple vulnerabilities Ruby on Rails blog:
Discovery 2015-06-16 Entry 2015-06-17 rubygem-activesupport < 3.2.22 rubygem-activesupport4 < 4.2.2 rubygem-jquery-rails < 3.1.3 rubygem-jquery-rails4 < 4.0.4 rubygem-rack < 1.4.6 rubygem-rack15 < 1.5.4 rubygem-rack16 < 1.6.2 rubygem-rails < 3.2.22 rubygem-rails4 < 4.2.2 rubygem-web-console < 2.1.3 CVE-2015-1840 CVE-2015-3224 CVE-2015-3225 CVE-2015-3226 CVE-2015-3227 http://weblog.rubyonrails.org/2015/6/16/Rails-3-2-22-4-1-11-and-4-2-2-have-been-released-and-more/ |
ca5d3272-59e3-11e2-853b-00262d5ed8ee | rubygem-rails -- multiple vulnerabilities Ruby on Rails team reports:
Discovery 2013-01-08 Entry 2013-01-08 rubygem-rails < 3.2.11 rubygem-actionpack < 3.2.11 rubygem-activerecord < 3.2.11 rubygem-activesupport < 3.2.11 CVE-2013-0155 CVE-2013-0156 http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/ https://groups.google.com/forum/?fromgroups#!topic/rubyonrails-security/t1WFuuQyavI https://groups.google.com/forum/?fromgroups#!topic/rubyonrails-security/61bkgvnSGTQ |
31db9a18-e289-11e1-a57d-080027a27dbf | rubygem-rails -- multiple vulnerabilities Rails core team reports:
Discovery 2012-08-08 Entry 2012-08-10 rubygem-rails < 3.2.8 rubygem-actionpack < 3.2.8 rubygem-activesupport < 3.2.8 CVE-2012-3463 CVE-2012-3464 CVE-2012-3465 https://groups.google.com/d/msg/rubyonrails-security/fV3QUToSMSw/eHBSFOUYHpYJ https://groups.google.com/d/msg/rubyonrails-security/kKGNeMrnmiY/r2yM7xy-G48J https://groups.google.com/d/msg/rubyonrails-security/FgVEtBajcTY/tYLS1JJTu38J http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/ |
b4051b52-58fa-11e2-853b-00262d5ed8ee | rubygem-rails -- SQL injection vulnerability Ruby on Rails team reports:
Discovery 2013-01-02 Entry 2013-01-07 rubygem-rails < 3.2.10 CVE-2012-5664 https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM |
8e8b8b94-7f1d-11dd-a66a-0019666436c2 | rubygem-rails -- SQL injection vulnerability Jonathan Weiss reports, that it is possible to perform an SQL injection in Rails applications via not correctly sanitized :limit and :offset parameters. It is possible to change arbitrary values in affected tables or gain access to the sensitive data. Discovery 2008-09-08 Entry 2008-09-10 Modified 2010-05-12 rubygem-rails < 2.2.2 CVE-2008-4094 http://blog.innerewut.de/2008/6/16/why-you-should-upgrade-to-rails-2-1 |