rpm package
opensuse/rubygem-web-console&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rubygem-web-console&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-3224 | — | < 4.2.1-1.5 | 4.2.1-1.5 | Jul 26, 2015 | request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted reque |
- CVE-2015-3224Jul 26, 2015affected < 4.2.1-1.5fixed 4.2.1-1.5
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted reque