Tag Archives: security

OpenSSL Heartbeat Vulnerability (aka: Heartbleed)

As most of our users are by now no doubt aware, on April 7th a serious vulnerability was announced in recent versions of OpenSSL.  Dubbed Heartbleed, CVE-2014-0160  allows a remote attacker to read potentially sensitive data on the server. This vulnerability has had a widespread impact on many providers.  We take security and the trust […]

Leave a comment

Rails SQL Injection

A serious security vulnerability in all released versions of Rails was announced on the Ruby on Rails Security list on January second. You can read more about the details in the original post here and follow the CVE case here. The short version is that all extant versions of the ActiveRecord ORM were vulnerable to […]

Leave a comment