04 Jan '13, 12pm

Ruby on Rails SQL Injection Flaw a Non-Issue for Most Organizations #ccureit

Ruby on Rails SQL Injection Flaw a Non-Issue for Most Organizations #ccureit

“The Ruby on Rails SQL injection flaw highlighted in CVE-2012-5664 is a non-issue for most organizations and application developers,” Moore told SecurityWeek . “The injection case is only possible when developers go out of their way to process user input in a non-standard way or have an even more significant flaw in their application, such as an exposed secret token.”

Full article: http://www.securityweek.com/ruby-rails-sql-injection-flaw...

Tweets

SQL Injection Flaw Haunts All Ruby on Rails Ver...

threatpost.com 03 Jan '13, 3pm

All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an atta...

Ruby on Rails has SQL injection vuln

theregister.co.uk 03 Jan '13, 10pm

The maintainers of Ruby on Rails are warning of an SQL injection vulnerability which affects all versions of the popular W...

All Ruby on Rails versions affected by SQL inje...

net-security.org 03 Jan '13, 3pm

Three new versions of popular open source web application framework Ruby on Rails have been released on Wednesday in order...

All Ruby On Rails Versions Suffer SQL Injection...

it.slashdot.org 03 Jan '13, 4pm

"All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an att...

Ruby on Rails updates address SQL injection fla...

computerworld.com 03 Jan '13, 3pm

IDG News Service - The developers of Ruby on Rails, a popular open source Web application development framework for the Ru...

Ruby on Rails security updates address SQL inje...

networkworld.com 03 Jan '13, 7pm

IDG News Service - The developers of Ruby on Rails, a popular Web application development framework for the Ruby programmi...

SQL Injection Flaw Haunts All Ruby on Rails Ver...

threatpost.com 03 Jan '13, 3pm

All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an atta...

All Ruby On Rails Versions Suffer SQL Injection...

it.slashdot.org 03 Jan '13, 4pm

"All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an att...

Ruby on Rails security updates address SQL inje...

news.techworld.com 03 Jan '13, 3pm

Ruby on Rails developers have released versions 3.2.10, 3.1.9, and 3.0.18 of the popular web application development frame...

Ruby on Rails security updates address SQL inje...

csoonline.com 04 Jan '13, 3pm

January 03, 2013 — IDG News Service — The developers of Ruby on Rails, a popular Web application development framework for...

Ruby on Rails security updates address SQL inje...

infoworld.com 03 Jan '13, 2pm

The developers of Ruby on Rails, a popular Web application development framework for the Ruby programming language, releas...

Ruby on Rails: vulnerabilità SQL Injection

blog.html.it 04 Jan '13, 11am

Recentemente è stata individuata una vulnerabilità a carico di Rails SQL che riguarderebbe tutte le versioni di Ruby on Ra...

Versões do Ruby on Rails Afetadas por SQL Injection

Versões do Ruby on Rails Afetadas por SQL Injec...

under-linux.org 04 Jan '13, 9pm

Três novas versões do popular framework Ruby on Rails, foi lançada na quarta-feira, a fim de corrigir uma vulnerabilidade ...

Ruby on Rails Security Flaw Severe, but Not Widespread: Researcher

Ruby on Rails Security Flaw Severe, but Not Wid...

eweek.com 04 Jan '13, 1am

A security researcher finds a way to steal information from Web applications designed with Ruby on Rails and using a third...

SQL Injection Flaw in Ruby on Rails, (Wed, Jan ...

isc.sans.edu 09 Jan '13, 2am

A SQL Injection Flaw (CVE-2012-5664) was announced last week (Jan 2) in Ruby on Rails, but I think we missed reporting on ...