Описание
No description is available for this CVE.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Enterprise 1 | ruby193-rubygem-activerecord | Affected | ||
| OpenShift Enterprise 1 | ruby-rubygem-activerecord | Affected | ||
| Red Hat CloudForms Tools 1 | rubygem-activerecord | Will not fix | ||
| Red Hat Subscription Asset Manager | rubygem-activerecord | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-89
https://bugzilla.redhat.com/show_bug.cgi?id=889649rubygem-activerecord: find_by_* SQL Injection
6.4 Medium
CVSS2
Связанные уязвимости
nvd
около 13 лет назад
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6496, CVE-2012-6497. Reason: this candidate was intended for one issue, but the candidate was publicly used to label concerns about multiple products. Notes: All CVE users should consult CVE-2012-6496 and CVE-2012-6497 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.
6.4 Medium
CVSS2