CVE-2012-1098 Medium Severity Vulnerability detected by WhiteSource #46
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2012-1098 - Medium Severity Vulnerability
path: /tmp/git/sample_app/Gemfile.lock
Library home page: http://rubygems.org/gems/rails-3.0.1.gem
Dependency Hierarchy:
Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods.
Publish Date: 2012-03-13
URL: CVE-2012-1098
Base Score Metrics not available
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=799275
Release Date: 2017-12-31
Fix Resolution: Upgrade to version rubygem-activesupport 3.0.12, rubygem-activesupport 3.1.4, rubygem-activesupport 3.2.2 or greater
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: