The Latest in IT Security

Ruby on Rails Updated to Prevent Hackers from Stealing Files from Application Server

07
May
2014

Ruby on Rails versions 3.2.18, 4.0.5 and 4.1.1 are available for download. The updates address a serious vulnerability so users are advised to update their installations as soon as possible.

The vulnerability has been assigned the CVE identifier CVE-2014-0130 and it affects all supported versions of Ruby on Rails. It impacts the implicit render functionality which allows controllers to render a template even if theres no explicit action with the correspondent name.

Related posts:
  1. Important Security Fixes Included in Ruby on Rails 4.0.2 and 3.2.16
  2. WarnerBros.com and Kickstarter.com Exposed Due to Ruby on Rails Vulnerability
  3. DOS, XSS and Data Injection Flaws Fixed in Rails 4.0.3, 3.2.17 and 4.1.0.beta2
  4. 1,897 Web Sites Affected by Ruby on Rails Vulnerability
  5. OpenSSL 1.0.1g Released to Prevent Hackers from Eavesdropping on Communications

Tags:  
Written by Softpedia
0 Comments
Comments are closed.

Categories

SATURDAY, APRIL 27, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments