cve-2011-2930
Vulnerability from cvelistv5
Published
2011-08-29 18:00
Modified
2024-08-06 23:15
Severity ?
EPSS score ?
Summary
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110817 CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/17/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/13"
},
{
"name": "FEDORA-2011-11386",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html"
},
{
"name": "[oss-security] 20110819 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/19/11"
},
{
"name": "DSA-2301",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2301"
},
{
"name": "[oss-security] 20110820 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/20/1"
},
{
"name": "[rubyonrails-security] 20110816 SQL Injection Vulnerability in quote_table_name",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source\u0026output=gplain"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/14"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=731438"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-23T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110817 CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/17/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/13"
},
{
"name": "FEDORA-2011-11386",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html"
},
{
"name": "[oss-security] 20110819 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/19/11"
},
{
"name": "DSA-2301",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2301"
},
{
"name": "[oss-security] 20110820 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/20/1"
},
{
"name": "[rubyonrails-security] 20110816 SQL Injection Vulnerability in quote_table_name",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source\u0026output=gplain"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/14"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=731438"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110817 CVE request: ruby on rails flaws (4)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/17/1"
},
{
"name": "https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85",
"refsource": "CONFIRM",
"url": "https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/13"
},
{
"name": "FEDORA-2011-11386",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html"
},
{
"name": "[oss-security] 20110819 Re: CVE request: ruby on rails flaws (4)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/19/11"
},
{
"name": "DSA-2301",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2301"
},
{
"name": "[oss-security] 20110820 Re: CVE request: ruby on rails flaws (4)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/20/1"
},
{
"name": "[rubyonrails-security] 20110816 SQL Injection Vulnerability in quote_table_name",
"refsource": "MLIST",
"url": "http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source\u0026output=gplain"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/14"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=731438",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=731438"
},
{
"name": "[oss-security] 20110822 Re: CVE request: ruby on rails flaws (4)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/5"
},
{
"name": "http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6",
"refsource": "CONFIRM",
"url": "http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2930",
"datePublished": "2011-08-29T18:00:00",
"dateReserved": "2011-07-27T00:00:00",
"dateUpdated": "2024-08-06T23:15:31.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50EEAFDA-7782-4E1E-9058-205AD4BE9A01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAC748BB-BFC5-44F7-B633-CEEBB1279889\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"38CF2C31-70BB-41D3-9462-0A8B9869A5F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8584B37-7950-4C89-83D2-04E1ACDC60BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8CB26F65-5CFB-4BF8-BCC4-679327D4A8DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF12EA5D-5EB5-46A8-AC60-65B327D610AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87B4B121-94BD-4E0F-8860-6239890043B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63CF211C-683E-4F7D-8C62-05B153AC1960\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"456A2F7E-CC66-48C4-B028-353D2976837A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B1CDAFA-2AC6-4C46-9E65-0BE9127E770F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F9806A84-2160-40EA-9960-AE7756CE4E0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07EC67D4-3D0F-4FF9-8197-71175DCB2723\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1467583-23E9-4E2B-982D-80A356174BB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC784C0-5618-4C32-8C17-BE7041656E14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFB9ABB5-1F78-4CF0-BA82-7833E0F7A56E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF3ED96F-3EA4-4E47-A559-9DF9A7D3DDE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B38EAA4-E948-45A7-B6E5-7214F2B545E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6ECC8C49-5A46-4D23-81F9-8243F5D508DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"312848C5-BA35-4A48-B66D-195A5E1CD00F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3BE7DFE-BA20-434B-A1DE-AD038B255C60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCEE5B21-C990-4705-8239-0D7B29DAEDA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"65EE33B1-B079-4CDE-B9C2-F1613A4610DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CAAA20B-824F-4448-99DC-9712FE628073\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2BEBDFB-0F30-454A-B74C-F820C9D2708B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D7CD8C1-95D1-477E-AD96-6582EC33BA01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B6F00D98-3D0F-40AF-AE4F-090B1E6B660C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9476CE55-69C0-45D3-B723-6F459C90BF05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*\", \"matchCriteriaId\": \"486F5BA6-BCF7-4691-9754-19D364B4438D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"112FC73B-A8BC-4EEA-9F4B-CCE685EF2838\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4498383-6FCA-4E17-A1FD-B0CE7EE50F85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D26565B1-2BA6-4A3C-9264-7FC9A1820B59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"644EF85E-6D3E-4F5C-96B0-49AD2A2D90CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"392E2D58-CB39-4832-B4D9-9C2E23B8E14C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F2466EA-7039-46A1-B4A3-8DACD1953A59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CAB4E72-0A15-4B26-9B69-074C278568D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A085E105-9375-440A-80CB-9B23E6D7EB4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"25911E48-C5D7-4ED8-B4DB-7523A74CCF49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE6EC1E5-3A4A-4751-9F77-28EF5AF681E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B29674E3-CC80-446B-9A43-82594AE7A058\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF34D8CB-2B6D-4CB8-A206-108293BCFFE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E5187F6-E3AC-4E0D-B1D0-83DE76C20A4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"272268EE-E3E8-4683-B679-55D748877A7E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B69FD33-61FE-4F10-BBE1-215F59035D30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"08D7CB5D-82EF-4A24-A792-938FAB40863D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A044B21-47D5-468D-AF4A-06B3B5CC0824\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2196F3D0-532A-40F9-843A-1DFBC8B63FDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBEDA932-6CB5-438C-94E4-824732A91BE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"903E5524-5E45-48CE-A804-EDAEBE3A79AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"08534AF2-F94E-4FB6-A572-4FB9827276D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"29E3B4A6-1346-4358-B7BC-84D00ED3ABBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"B52D7A6B-DD93-45F0-9186-18ABEFF28DF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A1CB1B12-99F5-430F-AE19-9A95C17FA123\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB51F3E9-4899-49A9-9E7B-0DCA92A91DD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F884F2F4-94F3-46CB-860B-1BCC0EEF408A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"88DFBB48-1C29-4639-9369-F5B413CA2337\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D37696D7-BEE6-4587-9E33-A7FE24780409\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"E95B5D44-0C8D-47BC-A89D-48A5BDEB84F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DFDAF6A-76AA-436F-A4F3-DA69892DE2B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"224BD488-0D7E-4F8B-9012-DE872DEB544C\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades de inyecci\\u00f3n SQL en el m\\u00e9todo quote_table_name en el adaptador ActiveRecord de activerecord/lib/active_record/connection_adapters/ in Ruby on Rails antes de v2.3.13, v3.0.x antes de v3.0.10, y v3.1.x antes de v3.1.0.rc5, permite a atacantes remotos ejecutar comandos SQL de su elecci\\u00f3n a trav\\u00e9s de un nombre de columna modificado.\"}]",
"id": "CVE-2011-2930",
"lastModified": "2024-11-21T01:29:17.973",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2011-08-29T18:55:01.457",
"references": "[{\"url\": \"http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source\u0026output=gplain\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.debian.org/security/2011/dsa-2301\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/17/1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/19/11\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/20/1\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/22/13\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/22/14\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/22/5\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=731438\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source\u0026output=gplain\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.debian.org/security/2011/dsa-2301\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/17/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/19/11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/20/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/22/13\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/22/14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2011/08/22/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=731438\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2011-2930\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-08-29T18:55:01.457\",\"lastModified\":\"2024-11-21T01:29:17.973\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote attackers to execute arbitrary SQL commands via a crafted column name.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en el m\u00e9todo quote_table_name en el adaptador ActiveRecord de activerecord/lib/active_record/connection_adapters/ in Ruby on Rails antes de v2.3.13, v3.0.x antes de v3.0.10, y v3.1.x antes de v3.1.0.rc5, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de un nombre de columna modificado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50EEAFDA-7782-4E1E-9058-205AD4BE9A01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAC748BB-BFC5-44F7-B633-CEEBB1279889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"38CF2C31-70BB-41D3-9462-0A8B9869A5F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8584B37-7950-4C89-83D2-04E1ACDC60BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CB26F65-5CFB-4BF8-BCC4-679327D4A8DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF12EA5D-5EB5-46A8-AC60-65B327D610AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87B4B121-94BD-4E0F-8860-6239890043B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63CF211C-683E-4F7D-8C62-05B153AC1960\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"456A2F7E-CC66-48C4-B028-353D2976837A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B1CDAFA-2AC6-4C46-9E65-0BE9127E770F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9806A84-2160-40EA-9960-AE7756CE4E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07EC67D4-3D0F-4FF9-8197-71175DCB2723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1467583-23E9-4E2B-982D-80A356174BB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC784C0-5618-4C32-8C17-BE7041656E14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB9ABB5-1F78-4CF0-BA82-7833E0F7A56E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3ED96F-3EA4-4E47-A559-9DF9A7D3DDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B38EAA4-E948-45A7-B6E5-7214F2B545E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ECC8C49-5A46-4D23-81F9-8243F5D508DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"312848C5-BA35-4A48-B66D-195A5E1CD00F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3BE7DFE-BA20-434B-A1DE-AD038B255C60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCEE5B21-C990-4705-8239-0D7B29DAEDA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"65EE33B1-B079-4CDE-B9C2-F1613A4610DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAAA20B-824F-4448-99DC-9712FE628073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2BEBDFB-0F30-454A-B74C-F820C9D2708B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D7CD8C1-95D1-477E-AD96-6582EC33BA01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6F00D98-3D0F-40AF-AE4F-090B1E6B660C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9476CE55-69C0-45D3-B723-6F459C90BF05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*\",\"matchCriteriaId\":\"486F5BA6-BCF7-4691-9754-19D364B4438D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"112FC73B-A8BC-4EEA-9F4B-CCE685EF2838\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4498383-6FCA-4E17-A1FD-B0CE7EE50F85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26565B1-2BA6-4A3C-9264-7FC9A1820B59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"644EF85E-6D3E-4F5C-96B0-49AD2A2D90CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"392E2D58-CB39-4832-B4D9-9C2E23B8E14C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F2466EA-7039-46A1-B4A3-8DACD1953A59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CAB4E72-0A15-4B26-9B69-074C278568D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A085E105-9375-440A-80CB-9B23E6D7EB4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25911E48-C5D7-4ED8-B4DB-7523A74CCF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE6EC1E5-3A4A-4751-9F77-28EF5AF681E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29674E3-CC80-446B-9A43-82594AE7A058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF34D8CB-2B6D-4CB8-A206-108293BCFFE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E5187F6-E3AC-4E0D-B1D0-83DE76C20A4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"272268EE-E3E8-4683-B679-55D748877A7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B69FD33-61FE-4F10-BBE1-215F59035D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08D7CB5D-82EF-4A24-A792-938FAB40863D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A044B21-47D5-468D-AF4A-06B3B5CC0824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2196F3D0-532A-40F9-843A-1DFBC8B63FDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBEDA932-6CB5-438C-94E4-824732A91BE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"903E5524-5E45-48CE-A804-EDAEBE3A79AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"08534AF2-F94E-4FB6-A572-4FB9827276D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E3B4A6-1346-4358-B7BC-84D00ED3ABBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B52D7A6B-DD93-45F0-9186-18ABEFF28DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1CB1B12-99F5-430F-AE19-9A95C17FA123\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB51F3E9-4899-49A9-9E7B-0DCA92A91DD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F884F2F4-94F3-46CB-860B-1BCC0EEF408A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"88DFBB48-1C29-4639-9369-F5B413CA2337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D37696D7-BEE6-4587-9E33-A7FE24780409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E95B5D44-0C8D-47BC-A89D-48A5BDEB84F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DFDAF6A-76AA-436F-A4F3-DA69892DE2B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"224BD488-0D7E-4F8B-9012-DE872DEB544C\"}]}]}],\"references\":[{\"url\":\"http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source\u0026output=gplain\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.debian.org/security/2011/dsa-2301\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/17/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/19/11\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/20/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/22/13\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/22/14\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/22/5\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=731438\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://groups.google.com/group/rubyonrails-security/msg/b1a85d36b0f9dd30?dmode=source\u0026output=gplain\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.debian.org/security/2011/dsa-2301\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/17/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/19/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/20/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/22/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/22/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/22/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=731438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/rails/rails/commit/8a39f411dc3c806422785b1f4d5c7c9d58e4bf85\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.