CVE-2011-3186 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2011-3186 Interim 1 11 2023-12-08T02:58:10Z current 2021-05-30T12:59:29Z 2023-12-08T02:58:10Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2011-3186 CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2012-March/000065.html E-Mail link for SUSE-SU-2012:0434-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Studio Onsite Runner 1.2 rubygem-actionmailer-2_3-2.3.14-0.7.4.3 rubygem-actionpack-2_3-2.3.14-0.7.4.3 rubygem-activerecord-2_3-2.3.14-0.7.4.3 rubygem-activeresource-2_3-2.3.14-0.7.4.3 rubygem-activesupport-2_3-2.3.14-0.7.4.3 rubygem-rack-1.1.2-0.8.8.3 rubygem-rails-2_3-2.3.14-0.7.4.3 rubygem-actionmailer-2_3-2.3.14-0.7.4.3 as a component of SUSE Studio Onsite Runner 1.2 rubygem-actionpack-2_3-2.3.14-0.7.4.3 as a component of SUSE Studio Onsite Runner 1.2 rubygem-activerecord-2_3-2.3.14-0.7.4.3 as a component of SUSE Studio Onsite Runner 1.2 rubygem-activeresource-2_3-2.3.14-0.7.4.3 as a component of SUSE Studio Onsite Runner 1.2 rubygem-activesupport-2_3-2.3.14-0.7.4.3 as a component of SUSE Studio Onsite Runner 1.2 rubygem-rack-1.1.2-0.8.8.3 as a component of SUSE Studio Onsite Runner 1.2 rubygem-rails-2_3-2.3.14-0.7.4.3 as a component of SUSE Studio Onsite Runner 1.2 CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header. CVE-2011-3186 SUSE Studio Onsite Runner 1.2:rubygem-actionmailer-2_3-2.3.14-0.7.4.3 SUSE Studio Onsite Runner 1.2:rubygem-actionpack-2_3-2.3.14-0.7.4.3 SUSE Studio Onsite Runner 1.2:rubygem-activerecord-2_3-2.3.14-0.7.4.3 SUSE Studio Onsite Runner 1.2:rubygem-activeresource-2_3-2.3.14-0.7.4.3 SUSE Studio Onsite Runner 1.2:rubygem-activesupport-2_3-2.3.14-0.7.4.3 SUSE Studio Onsite Runner 1.2:rubygem-rack-1.1.2-0.8.8.3 SUSE Studio Onsite Runner 1.2:rubygem-rails-2_3-2.3.14-0.7.4.3 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N