FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  514534
Date:      2019-10-15
Time:      14:43:01Z
Committer: kai

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
f96044a2-7df9-414b-9f6b-6e5b85d06c86Rails -- Active Job vulnerability

Ruby on Rails blog:

Rails 4.2.11, 5.0.7.1, 5.1.6.1 and 5.2.1.1 have been released! These contain the following important security fixes, and it is recommended that users upgrade as soon as possible

CVE-2018-16476 Broken Access Control vulnerability in Active Job: Carefully crafted user input can cause Active Job to deserialize it using GlobalId and allow an attacker to have access to information that they should not have.


Discovery 2018-11-27
Entry 2018-12-02
rubygem-activejob4
lt 4.2.11

rubygem-activejob5
lt 5.1.6.1

rubygem-activejob50
lt 5.0.7.1

https://weblog.rubyonrails.org/2018/11/27/Rails-4-2-5-0-5-1-5-2-have-been-released/
CVE-2018-16476