Lucene search
MitreCVELIST:CVE-2020-25739HistorySep 23, 2020 - 1:53 p.m.
CVE-2020-25739
2020-09-2313:53:14
mitre
www.cve.org
An issue was discovered in the gon gem before gon-6.4.0 for Ruby. MultiJson does not honor the escape_mode parameter to escape fields as an XSS protection mechanism. To mitigate, json_dumper.rb in gon now does escaping for XSS by default without relying on MultiJson.
Related
ubuntucve
ubuntucve
CVE-2020-25739
2020-09-23 00:00:00
osv
osv
ruby-gon - security update
2020-09-26 00:00:00
ruby-gon vulnerability
2020-09-30 17:16:58
Gon gem lack of escaping certain input when outputting as JSON
2021-04-30 17:29:15
nvd
nvd
CVE-2020-25739
2020-09-23 14:15:12
debian
debian
[SECURITY] [DLA 2380-1] ruby-gon security update
2020-09-26 09:39:02
nessus
nessus
Ubuntu 18.04 LTS : Gon gem vulnerability (USN-4560-1)
2020-10-02 00:00:00
Debian DLA-2380-1 : ruby-gon security update
2020-09-28 00:00:00
debiancve
debiancve
CVE-2020-25739
2020-09-23 14:15:12
veracode
veracode
Cross-site Scripting (XSS)
2020-09-24 02:25:10
cve
cve
CVE-2020-25739
2020-09-23 14:15:12
openvas
openvas
Debian: Security Advisory (DLA-2380-1)
2020-09-27 00:00:00
Ubuntu: Security Advisory (USN-4560-1)
2020-10-01 00:00:00
ubuntu
ubuntu
Gon gem vulnerability
2020-09-30 00:00:00
prion
prion
Design/Logic Flaw
2020-09-23 14:15:00
github
github
Gon gem lack of escaping certain input when outputting as JSON
2021-04-30 17:29:15
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34