RHSA-2016:0454
PUBLISHED
Updated ror40-rubygem-actionpack and ror40-rubygem-activerecord packages that fix multiple security issues are now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) | ||
| Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) | ||
| Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) | ||
| Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) | ||
| Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) | ||
| Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) | ||
| Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) | ||
| ror40 | ||
| Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) | ||
Exploit Intelligence
- forced-request/rails-rce-cve-2016-0752 (github-poc-repo)
- Proof of concept showing how CVE-2016-2098 leads to remote code execution (github-poc-repo)
- dachidahu/CVE-2016-0752 (github-poc-repo)
- A PoC of CVE-2016-2098 (rails4.2.5.1 / view render) (github-poc-repo)
…and 111 more exploits
Timeline
- Mar 15, 2016 CVE Published
- Mar 2, 2026 CVE Updated
- Apr 2, 2026 Distribution Patch
- Apr 2, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2016:0454 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://bugzilla.redhat.com/show_bug.cgi?id=1301933 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1301946 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1301957 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1301963 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1301981 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1310043 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1310054 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0454.json advisory