09 Jan '13, 3am

Ruby on Rails に複数の脆弱性

US-CERT Vulnerability Note VU#380039 Ruby on Rails contains multiple vulnerabilities in parameter parsing in the Action Pack framework

Full article: http://jvn.jp/cert/JVNVU94771138/

Tweets

Any Ruby on Rails app is, badly, utterly, pwned...

groups.google.com 09 Jan '13, 3am

Dieser Browser wird nicht unterstützt.

Unsafe Query Generation Risk in Ruby on Rails (...

groups.google.com 08 Jan '13, 8pm

Dieser Browser wird nicht unterstützt.

「Ruby on Rails」に複数の脆弱性、対策を呼びかけ(JVN) | ScanNetSe...

scan.netsecurity.ne.jp 09 Jan '13, 9am

独立行政法人 情報処理推進機構(IPA)および一般社団法人 JPCERT コーディネーションセンター(JPCERT/CC)は1月9日、「Ruby on Rails」に複数の脆弱性が存在すると「Japan Vulnerability Notes(...

Ruby on Rails patches more critical vulnerabilities: Those using the Ruby on Rails web application framework on

Ruby on Rails patches more critical vulnerabili...

news.hitb.org 09 Jan '13, 10am

Those using the Ruby on Rails web application framework on their websites are being advised to update the software immedia...

Critical Flaws Patched in Ruby on Rails

threatpost.com 08 Jan '13, 9pm

"There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentica...

Ruby on Rails Market Place for finding a car sh...

freelancer.com 09 Jan '13, 3am

Project Description: I want to build a site that serves as a competitor to both http://www.centraldispatch.com/ and http:/...

Rails vulnerabilities are not Rails'

revision-zero.org 12 Jan '13, 6pm

Would it make sense for Rails controllers to accept YAML-encoded parameters? Of course it does. URL-encoded, XML, and JSON...

Serious vulnerability in Ruby on Rails allowing...

reddit.com 08 Jan '13, 11pm

An attacker can execute any ruby code he wants including system("unix command"). This effects any rails version for the la...

New flaw in Ruby on Rails:

New flaw in Ruby on Rails:

infosecurity-magazine.com 09 Jan '13, 1pm

Earlier today the Internet Storm Center (ISC) reported , “A SQL Injection Flaw (CVE-2012-5664) was announced last week (Ja...

Ruby on Rails vulnerable to six year old flaw

zdnet.com 09 Jan '13, 1am

A critical vulnerability has been discovered in Ruby on Rails that affects almost every version of the framework. A contri...

Critical vulnerability in Ruby on Rails paramet...

h-online.com 09 Jan '13, 11am

The developers of Ruby on Rails are calling on users to update their Rails installations as soon as possible, following th...

Ruby on Rails Marketplace site by zbruhnke: I h...

freelancer.com 07 Jan '13, 4pm

I have an idea for a site I want built. Some of the development I may do myself but I'd like to find someone to work on th...

Ruby on Rails

insinuator.net 08 Jan '13, 9pm

As you might remember YAML formatted parameters are not enabled by default in Rails due to YAML (or more specifically the ...

Read @adamjodonnell's insights on the latest Ru...

blog.sourcefire.com 09 Jan '13, 8pm

A little under 24 hours ago two major, long-standing vulnerabilities were announced in the popular web programming framewo...

Pls : #ruby #rails

The tickets, ticket quantity or date and time you've requested are no longer available, due to previous sales. Please choo...