RHSA-2016:0454
Advisory lineage Upstream: 7 Downstream: 0
Published: 13 Sept 2024, 12:26
Last modified:03 Mar 2026, 10:01
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
13 Sept 2024, 12:26
Published
Vulnerability first disclosed
03 Mar 2026, 10:01
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: ror40 security update
Affected Systems
- redhat•ror40-rubygem-actionpack
< 1:4.0.2-7.el6 | < 1:4.0.2-7.el7
- redhat•ror40-rubygem-actionpack-doc
< 1:4.0.2-7.el6 | < 1:4.0.2-7.el7
- redhat•ror40-rubygem-activerecord
< 1:4.0.2-6.el6 | < 1:4.0.2-6.el7
- redhat•ror40-rubygem-activerecord-doc
< 1:4.0.2-6.el6 | < 1:4.0.2-6.el7
- redhat•ror40-rubygem-activesupport
< 1:4.0.2-4.el6 | < 1:4.0.2-4.el7
References (41)
- https://access.redhat.com/errata/RHSA-2016:0454
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=1301933
- https://bugzilla.redhat.com/show_bug.cgi?id=1301946
- https://bugzilla.redhat.com/show_bug.cgi?id=1301957
- https://bugzilla.redhat.com/show_bug.cgi?id=1301963
- https://bugzilla.redhat.com/show_bug.cgi?id=1301981
- https://bugzilla.redhat.com/show_bug.cgi?id=1310043
- https://bugzilla.redhat.com/show_bug.cgi?id=1310054
- https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0454.json
- https://access.redhat.com/security/cve/CVE-2015-7576
- https://www.cve.org/CVERecord?id=CVE-2015-7576
- https://nvd.nist.gov/vuln/detail/CVE-2015-7576
- http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/
- https://groups.google.com/forum/#!msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ
- https://access.redhat.com/security/cve/CVE-2015-7577
- https://www.cve.org/CVERecord?id=CVE-2015-7577
- https://nvd.nist.gov/vuln/detail/CVE-2015-7577
- https://groups.google.com/forum/#!msg/rubyonrails-security/cawsWcQ6c8g/tegZtYdbFQAJ
- https://access.redhat.com/security/cve/CVE-2015-7581
- https://www.cve.org/CVERecord?id=CVE-2015-7581
- https://nvd.nist.gov/vuln/detail/CVE-2015-7581
- https://groups.google.com/forum/#!msg/rubyonrails-security/dthJ5wL69JE/YzPnFelbFQAJ
- https://access.redhat.com/security/cve/CVE-2016-0751
- https://www.cve.org/CVERecord?id=CVE-2016-0751
- https://nvd.nist.gov/vuln/detail/CVE-2016-0751
- https://groups.google.com/forum/#!msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ
- https://access.redhat.com/security/cve/CVE-2016-0752
- https://www.cve.org/CVERecord?id=CVE-2016-0752
- https://nvd.nist.gov/vuln/detail/CVE-2016-0752
- https://groups.google.com/forum/#!msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ
- https://nvisium.com/blog/2016/01/26/rails-dynamic-render-to-rce-cve-2016-0752/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://access.redhat.com/security/cve/CVE-2016-2097
- https://www.cve.org/CVERecord?id=CVE-2016-2097
- https://nvd.nist.gov/vuln/detail/CVE-2016-2097
- https://groups.google.com/forum/#!msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ
- https://access.redhat.com/security/cve/CVE-2016-2098
- https://www.cve.org/CVERecord?id=CVE-2016-2098
- https://nvd.nist.gov/vuln/detail/CVE-2016-2098
- https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ