SUSE-SU-2016:0858-1
Advisory lineage Upstream: 4 Downstream: 0
Published: 22 Mar 2016, 16:21
Last modified:04 Feb 2026, 04:06
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
22 Mar 2016, 16:21
Published
Vulnerability first disclosed
04 Feb 2026, 04:06
Last Modified
Vulnerability information updated
Description
Security update for rubygem-actionpack-4_1 This update for rubygem-actionpack-4_1 fixes the following issues: - CVE-2016-0751: Object Leak DoS (bsc#963331) - CVE-2015-7581: unbounded memory growth DoS via wildcard controller routes (bsc#963335) - CVE-2016-0752: directory traversal and information leak in Action View (bsc#963332) - CVE-2015-7576: Timing attack vulnerability in basic authentication in Action Controller (bsc#963329)
Affected Systems
- suse•rubygem-actionpack-4_1&distro=SUSE OpenStack Cloud 5
< 4.1.9-9.1
References (9)
- https://www.suse.com/support/update/announcement/2016/suse-su-20160858-1/
- https://bugzilla.suse.com/963329
- https://bugzilla.suse.com/963331
- https://bugzilla.suse.com/963332
- https://bugzilla.suse.com/963335
- https://www.suse.com/security/cve/CVE-2015-7576
- https://www.suse.com/security/cve/CVE-2015-7581
- https://www.suse.com/security/cve/CVE-2016-0751
- https://www.suse.com/security/cve/CVE-2016-0752