{"id":"RHSA-2016:0455","summary":"Red Hat Security Advisory: ruby193 security update","modified":"2026-03-03T10:01:18Z","published":"2024-09-13T12:27:04Z","upstream":["CVE-2015-7576","CVE-2015-7577","CVE-2016-0751","CVE-2016-0752","CVE-2016-2097","CVE-2016-2098"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:0455"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301933"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301946"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301957"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301963"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1310043"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1310054"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0455.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7576"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7576"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7576"},{"type":"ARTICLE","url":"http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/ANv0HDHEC3k/mt7wNGxbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2015-7577"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2015-7577"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7577"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/cawsWcQ6c8g/tegZtYdbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-0751"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-0751"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0751"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-0752"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-0752"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0752"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/335P1DcLG00/OfB9_LhbFQAJ"},{"type":"ARTICLE","url":"https://nvisium.com/blog/2016/01/26/rails-dynamic-render-to-rce-cve-2016-0752/"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-2097"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-2097"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2097"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/ddY6HgqB2z4/we0RasMZIAAJ"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2016-2098"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2016-2098"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2098"},{"type":"ARTICLE","url":"https://groups.google.com/forum/#!msg/rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ"}],"affected":[{"package":{"name":"ruby193-rubygem-actionpack","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ruby193-rubygem-actionpack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-16.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-actionpack-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ruby193-rubygem-actionpack-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-16.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-activerecord","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ruby193-rubygem-activerecord"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-11.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-activerecord-doc","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ruby193-rubygem-activerecord-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-11.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-activesupport","ecosystem":"Red Hat:rhel_software_collections:2::el6","purl":"pkg:rpm/redhat/ruby193-rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-6.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-actionpack","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ruby193-rubygem-actionpack"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-16.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-actionpack-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ruby193-rubygem-actionpack-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-16.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-activerecord","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ruby193-rubygem-activerecord"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-11.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-activerecord-doc","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ruby193-rubygem-activerecord-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-11.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}},{"package":{"name":"ruby193-rubygem-activesupport","ecosystem":"Red Hat:rhel_software_collections:2::el7","purl":"pkg:rpm/redhat/ruby193-rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.8-6.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2016:0455.json"}}],"schema_version":"1.7.3"}