CVE-2015-3227

Debian Bug report logs - #790486 rails: CVE-2015-3226: XSS in ActiveSupport::JSONencode Package: src:rails; Maintainer for src:rails is Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 29 Jun 2015 18:36:01 UTC Sever ...

Debian Bug report logs - #790487 rails: CVE-2015-3227: Possible Denial of Service attack in Active Support Package: src:rails; Maintainer for src:rails is Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 29 Jun 2015 1 ...

Multiple security issues have been discovered in the Ruby on Rails web application development framework, which may result in denial of service, cross-site scripting, information disclosure or bypass of input validation For the stable distribution (jessie), these problems have been fixed in version 2:418-1+deb8u1 For the unstable distribution ( ...

The (1) jdomrb and (2) rexmlrb components in Active Support in Ruby on Rails before 4111 and 42x before 422, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth ...