Untriaged
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable …
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
References
- https://security-tracker.debian.org/tracker/CVE-2010-3299 x_refsource_MISC
- https://access.redhat.com/security/cve/cve-2010-3299 x_refsource_MISC
- [oss-security] 20100914 Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi mailing-list x_refsource_MLIST
- https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf x_refsource_MISC
- https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf x_refsource_MISC x_transferred
- https://security-tracker.debian.org/tracker/CVE-2010-3299 x_refsource_MISC x_transferred
- https://access.redhat.com/security/cve/cve-2010-3299 x_refsource_MISC x_transferred
- [oss-security] 20100914 Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi mailing-list x_refsource_MLIST x_transferred
- https://security-tracker.debian.org/tracker/CVE-2010-3299 x_refsource_MISC
- https://access.redhat.com/security/cve/cve-2010-3299 x_refsource_MISC
- [oss-security] 20100914 Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi mailing-list x_refsource_MLIST
- https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf x_refsource_MISC
- [oss-security] 20100914 Re: CVE request: padding oracle attack: ruby on rails 2.3, owasp esapi mailing-list x_refsource_MLIST x_transferred
- https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf x_refsource_MISC x_transferred
- https://security-tracker.debian.org/tracker/CVE-2010-3299 x_refsource_MISC x_transferred
- https://access.redhat.com/security/cve/cve-2010-3299 x_refsource_MISC x_transferred
Affected products
rails
- ==2.3
Matching in nixpkgs
pkgs.grails
Full stack, web application framework for the JVM
pkgs.rails-new
Generate new Rails applications without having to install Ruby
pkgs.rubyPackages.rails
None
pkgs.rubyPackages_3_1.rails
None
pkgs.rubyPackages_3_2.rails
None
pkgs.rubyPackages_3_3.rails
None
pkgs.rubyPackages_3_4.rails
None
pkgs.rubyPackages_4_0.rails
None
pkgs.hyprlandPlugins.hyprtrails
Hyprland smooth trails behind moving windows plugin
pkgs.rubyPackages.rails-dom-testing
None
pkgs.rubyPackages.rails-html-sanitizer
None
pkgs.rubyPackages_3_1.rails-dom-testing
None
pkgs.rubyPackages_3_2.rails-dom-testing
None
pkgs.rubyPackages_3_3.rails-dom-testing
None
pkgs.rubyPackages_3_4.rails-dom-testing
None
pkgs.rubyPackages_4_0.rails-dom-testing
None
pkgs.rubyPackages_3_1.rails-html-sanitizer
None
pkgs.rubyPackages_3_2.rails-html-sanitizer
None
pkgs.rubyPackages_3_3.rails-html-sanitizer
None
pkgs.rubyPackages_3_4.rails-html-sanitizer
None
Package maintainers
-
@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
-
@khaneliman Austin Horstman <khaneliman12@gmail.com>
-
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
-
@NotAShelf NotAShelf <raf@notashelf.dev>
-
@donovanglover Donovan Glover
-
@fufexan Fufezan Mihai <fufexan@protonmail.com>
-
@coat Kent Smith <kentsmith@gmail.com>