CVE-2012-3464 (retired)

Priority
Description
Cross-site scripting (XSS) vulnerability in
activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby
on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might
allow remote attackers to inject arbitrary web script or HTML via vectors
involving a ' (quote) character.
Package
Source: rails (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [contains no code])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (contains no code)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [code not present])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Upstream:not-affected
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-09-19 15:41:22 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)