FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f96044a2-7df9-414b-9f6b-6e5b85d06c86	Rails -- Active Job vulnerability Ruby on Rails blog: Rails 4.2.11, 5.0.7.1, 5.1.6.1 and 5.2.1.1 have been released! These contain the following important security fixes, and it is recommended that users upgrade as soon as possible CVE-2018-16476 Broken Access Control vulnerability in Active Job: Carefully crafted user input can cause Active Job to deserialize it using GlobalId and allow an attacker to have access to information that they should not have. Discovery 2018-11-27 Entry 2018-12-02 rubygem-activejob4 < 4.2.11 rubygem-activejob5 < 5.1.6.1 rubygem-activejob50 < 5.0.7.1 https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/ CVE-2018-16476

VuXML ID

Description

f96044a2-7df9-414b-9f6b-6e5b85d06c86

Rails -- Active Job vulnerability

Ruby on Rails blog:

Rails 4.2.11, 5.0.7.1, 5.1.6.1 and 5.2.1.1 have been released! These contain the following important security fixes, and it is recommended that users upgrade as soon as possible

CVE-2018-16476 Broken Access Control vulnerability in Active Job: Carefully crafted user input can cause Active Job to deserialize it using GlobalId and allow an attacker to have access to information that they should not have.

Discovery 2018-11-27
Entry 2018-12-02
rubygem-activejob4

< 4.2.11

rubygem-activejob5

< 5.1.6.1

rubygem-activejob50

< 5.0.7.1

https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/
CVE-2018-16476