Download
| Alert*
oval:org.secpod.oval:def:104651
Implements the ActiveRecord pattern for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. oval:org.secpod.oval:def:505985 Ruby on Rails is a model-view-controller framework for web application development. Action Pack implements the controller and the view components. A flaw was found in the way Ruby on Rails performed JSON parameter parsing. An application using a third party library, which uses the Rack::Request int ... oval:org.secpod.oval:def:106499 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:14156 The host is installed with Apple Mac OS X Server 10.6.8 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which does not properly consider differences in parameter handling. Successful exploitation could allow an attacker to execute arbitrary code. oval:org.secpod.oval:def:600950 An interpretation conflict can cause the Active Record component of Rails, a web framework for the Ruby programming language, to truncate queries in unexpected ways. This may allow attackers to elevate their privileges. oval:org.secpod.oval:def:104788 Implements the ActiveRecord pattern for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. oval:org.secpod.oval:def:104782 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:104778 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:106479 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:104483 Implements the ActiveRecord pattern for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. oval:org.secpod.oval:def:104480 Utility library which carries commonly used classes and goodies from the Rails framework oval:org.secpod.oval:def:400481 This update updates the RubyOnRails 2.3 stack to 2.3.16. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions was ... oval:org.secpod.oval:def:14174 The host is missing an important security update according to Apple advisory, APPLE-SA-2013-06-04-1. The update is required to fix multiple vulnerabilities. The flaw are present in the application, which fails to handle a crafted application. Successful exploitation could allow attackers to crash th ... oval:org.secpod.oval:def:104509 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:104505 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:104503 Utility library which carries commonly used classes and goodies from the Rails framework oval:org.secpod.oval:def:400486 This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2 ... oval:org.secpod.oval:def:104502 Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework. oval:org.secpod.oval:def:104494 Utility library which carries commonly used classes and goodies from the Rails framework oval:org.secpod.oval:def:104492 Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn"t require a browser. oval:org.secpod.oval:def:104513 Implements the ActiveRecord pattern for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. oval:org.secpod.oval:def:104653 Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework. oval:org.secpod.oval:def:104499 Implements the ActiveRecord pattern for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. oval:org.secpod.oval:def:104495 Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework. |