OpenRuby.com

03 Jan '13, 4pm

All Ruby On Rails Versions Suffer SQL Injection Flaw @slashdot

"All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications . The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the maintainers of Ruby on Rails have released new versions that fix the flaw, versions 3.2.10, 3.1.9 and 3.0.18. The advisory recommends that users running affected versions, which is essentially anyone using Ruby on Rails, upgrade immediately to one of the fixed versions, 3.2.10, 3.1.9 or 3.0.18. The vulnerability lies specifically in the Ruby on Rails framework, and its presence doesn't mean that all of the apps developed on vulnerable versions are susceptible to the bug."

Full article: http://it.slashdot.org/story/13/01/03/1631223/

Tweets

All Ruby On Rails Versions Suffer SQL Injection...

it.slashdot.org 03 Jan '13, 4pm

"All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an att...

All Ruby on Rails versions affected by SQL inje...

net-security.org 03 Jan '13, 3pm

Three new versions of popular open source web application framework Ruby on Rails have been released on Wednesday in order...

SQL Injection Flaw Haunts All Ruby on Rails Ver...

threatpost.com 03 Jan '13, 3pm

All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an atta...

SQL Injection Flaw Haunts All Ruby on Rails Ver...

threatpost.com 03 Jan '13, 3pm

All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an atta...

Ruby on Rails security updates address SQL inje...

news.techworld.com 03 Jan '13, 3pm

Ruby on Rails developers have released versions 3.2.10, 3.1.9, and 3.0.18 of the popular web application development frame...

Ruby on Rails updates address SQL injection fla...

computerworld.com 03 Jan '13, 3pm

IDG News Service - The developers of Ruby on Rails, a popular open source Web application development framework for the Ru...

Ruby on Rails has SQL injection vuln

theregister.co.uk 03 Jan '13, 10pm

The maintainers of Ruby on Rails are warning of an SQL injection vulnerability which affects all versions of the popular W...

Ruby on Rails security updates address SQL inje...

networkworld.com 03 Jan '13, 7pm

IDG News Service - The developers of Ruby on Rails, a popular Web application development framework for the Ruby programmi...

SQL injection vulnerability hits all Ruby on Ra...

h-online.com 03 Jan '13, 9am

The Ruby on Rails developers are warning of an SQL injection vulnerability that affects all current versions of the web fr...

SQL injection vulnerability hits all Ruby on Ra...

h-online.com 03 Jan '13, 9am

The Ruby on Rails developers are warning of an SQL injection vulnerability that affects all current versions of the web fr...

Ruby on Rails security updates address SQL inje...

infoworld.com 03 Jan '13, 2pm

The developers of Ruby on Rails, a popular Web application development framework for the Ruby programming language, releas...

#Anonymous #Cyberwar CVE-2012-5664 :All Ruby on...

ehackingnews.com 04 Jan '13, 1am

A SQL Injection vulnerability has been discovered in Ruby on Rails that affects all current versions of the web framework....

Injection SQL sur toutes les versions de Ruby o...

linuxfr.org 03 Jan '13, 5pm

(aka RoR, un framwork de développement web open source populaire et basé sur Ruby) viennent d'émettre une alerte concernan...

Ruby on Rails SQL Injection Flaw a Non-Issue for Most Organizations #ccureit

Ruby on Rails SQL Injection Flaw a Non-Issue fo...

securityweek.com 04 Jan '13, 12pm

“The Ruby on Rails SQL injection flaw highlighted in CVE-2012-5664 is a non-issue for most organizations and application d...

Ruby on Rails 3.2.10 Released to Address SQL In...

news.softpedia.com 03 Jan '13, 12pm

Ruby on Rails 3.2.10, 3.1.9, and 3.0.18 have been released to address an SQL Injection vulnerability in Active Record that...