Sha256: c81219350fe9bb73a7d92318a394977bcafc28968be2ea90e3ce8496a9fb36a5

Contents?: true

Size: 450 Bytes

Versions: 6

Compression:

Stored size: 450 Bytes

Contents

---
gem: spree
osvdb: 125712
url: https://spreecommerce.com/blog/security-issue-all-versions
title: |
  Product Scopes could allow for unauthenticated remote command execution
date: 2012-07-02
description: |
  Product Scopes could allow for unauthenticated remote command execution.
  This was corrected by removing conditions_any scope and use ARel query
  building instead.
patched_versions:
  - ~> 0.11.4
  - ~> 0.70.6
  - ~> 1.0.5
  - ">= 1.1.2"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/spree/OSVDB-125712.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/spree/OSVDB-125712.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/spree/OSVDB-125712.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/spree/OSVDB-125712.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/spree/OSVDB-125712.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/spree/OSVDB-125712.yml