{"affected":[{"ecosystem_specific":{"binaries":[{"ruby2.1-rubygem-activesupport-4_1":"4.1.9-9.2"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"rubygem-activesupport-4_1","purl":"pkg:rpm/suse/rubygem-activesupport-4_1&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.1.9-9.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\n\n  This update fixes the following security issues:\n\n - CVE-2015-3227: Possible Denial of Service\n  attack in Active Support (bnc#934800)\n\n - CVE-2015-3226:  XSS Vulnerability in\n  ActiveSupport::JSON (bnc#934799)\n\n","id":"SUSE-SU-2016:0082-1","modified":"2016-01-12T10:24:18Z","published":"2016-01-12T10:24:18Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20160082-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/934799"},{"type":"REPORT","url":"https://bugzilla.suse.com/934800"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3226"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3227"}],"related":["CVE-2015-3226","CVE-2015-3227"],"summary":"Security update for rubygem-activesupport-4_1","upstream":["CVE-2015-3226","CVE-2015-3227"]}