{"affected":[{"ecosystem_specific":{"binaries":[{"ruby2.1-rubygem-activerecord-4_1":"4.1.9-9.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"rubygem-activerecord-4_1","purl":"pkg:rpm/suse/rubygem-activerecord-4_1&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.1.9-9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for rubygem-activerecord-4_1 fixes the following issues:\n\n- CVE-2016-0753: Input Validation Circumvention (bsc#963334)\n- CVE-2015-7577: Nested attributes rejection proc bypass (bsc#963330)\n","id":"SUSE-SU-2016:0598-1","modified":"2016-02-26T15:08:40Z","published":"2016-02-26T15:08:40Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20160598-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/963330"},{"type":"REPORT","url":"https://bugzilla.suse.com/963334"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-7577"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-0753"}],"related":["CVE-2015-7577","CVE-2016-0753"],"summary":"Security update for rubygem-activerecord-4_1","upstream":["CVE-2015-7577","CVE-2016-0753"]}