SUSE-SU-2016:0457-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 15 Feb 2016, 13:25
Last modified:04 Feb 2026, 02:15
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
15 Feb 2016, 13:25
Published
Vulnerability first disclosed
04 Feb 2026, 02:15
Last Modified
Vulnerability information updated
Description
Security update for rubygem-actionpack-4_2 This update for rubygem-actionpack-4_2 fixes the following issues: - CVE-2016-0751: Object Leak DoS (bsc#963331) - CVE-2015-7581: unbounded memory growth DoS via wildcard controller routes (bsc#963335) - CVE-2016-0752: directory traversal and information leak in Action View (bsc#963332) - CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller (bsc#963329)
Affected Systems
- suse•rubygem-actionpack-4_2&distro=SUSE Enterprise Storage 2.1
< 4.2.2-6.1
References (9)
- https://www.suse.com/support/update/announcement/2016/suse-su-20160457-1/
- https://bugzilla.suse.com/963329
- https://bugzilla.suse.com/963331
- https://bugzilla.suse.com/963332
- https://bugzilla.suse.com/963335
- https://www.suse.com/security/cve/CVE-2015-7576
- https://www.suse.com/security/cve/CVE-2015-7581
- https://www.suse.com/security/cve/CVE-2016-0751
- https://www.suse.com/security/cve/CVE-2016-0752