Not vulnerable. This issue did not affect the versions of rubygem-activerecord as shipped with CloudForms, OpenShift Enterprise 1 and 2, Red Hat Enterprise Linux OpenStack Platform 3 and 4, Red Hat Software Collections 1 and Subscription Asset Manager as they did not include the vulnerable code.
CVSS v2 metrics
NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Affected Packages State
|Red Hat Subscription Asset Manager 1||ruby193-rubygem-activerecord||Not affected|
|Red Hat Software Collections 1 for Red Hat Enterprise Linux||ruby193-rubygem-activerecord||Not affected|
|Red Hat Software Collections 1 for Red Hat Enterprise Linux||ror40-rubygem-activerecord||Not affected|
|Red Hat Satellite 6||ruby193-rubygem-activerecord||Not affected|
|Red Hat OpenShift Enterprise 1||ruby193-rubygem-activerecord||Not affected|
|Red Hat Enterprise Linux OpenStack Platform 4.0||ruby193-rubygem-activerecord||Not affected|
|Red Hat Enterprise Linux OpenStack Platform 3.0||ruby193-rubygem-activerecord||Not affected|
AcknowledgementsRed Hat would like to thank the Ruby on Rails Project for reporting this issue. Upstream acknowledges Godfrey Chan as the original reporter.
CVE description copyright © 2017, The MITRE Corporation