Sha256: 78c3eded64c3cf8d92c7aad067761e85b261569e85d8eb2cd5c9f70223f82d9e

Contents?: true

Size: 726 Bytes

Versions: 13

Compression:

Stored size: 726 Bytes

Contents

--- 
gem: actionpack
framework: rails
cve: 2012-3424
osvdb: 84243
url: http://www.osvdb.org/show/osvdb/84243
title: 
  Ruby on Rails actionpack/lib/action_controller/metal/http_authentication.rb
  with_http_digest Helper Method Remote DoS
date: 2012-07-26

description: |
  Ruby on Rails contains a flaw that may allow a remote denial of service.
  The issue is triggered when an error occurs in
  actionpack/lib/action_controller/metal/http_authentication.rb when the
  with_http_digest helper method is being used. This may allow a remote
  attacker to cause a loss of availability for the program.

cvss_v2: 4.3

unaffected_versions:
  - ">= 2.3.5, <= 2.3.14"

patched_versions: 
  - ~> 3.0.16
  - ~> 3.1.7
  - ">= 3.2.7"

Version data entries

13 entries across 13 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
mrjoy-bundler-audit-0.3.7 spec/fixtures/OSVDB-84243.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
mrjoy-bundler-audit-0.3.6 spec/fixtures/OSVDB-84243.yml
mrjoy-bundler-audit-0.3.5 spec/fixtures/OSVDB-84243.yml
mrjoy-bundler-audit-0.3.4 spec/fixtures/OSVDB-84243.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
mrjoy-bundler-audit-0.3.2 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
mrjoy-bundler-audit-0.3.1 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
bundler-audit-0.3.0 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
mrjoy-bundler-audit-0.2.1 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
bundler-audit-0.2.0 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml
mrjoy-bundler-audit-0.1.4 data/ruby-advisory-db/gems/actionpack/OSVDB-84243.yml