Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4491HistoryDec 07, 2013 - 12:55 a.m.
CVE-2013-4491
2013-12-0700:55:00
Debian Security Bug Tracker
security-tracker.debian.org
21
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.7%
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/translation_helper.rb in the internationalization component in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted string that triggers generation of a fallback string by the i18n gem.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rails | < 2:6.1.7.3+dfsg-1 | rails_2:6.1.7.3+dfsg-1_all.deb |
| Debian | 11 | all | rails | < 2:6.0.3.7+dfsg-2+deb11u2 | rails_2:6.0.3.7+dfsg-2+deb11u2_all.deb |
| Debian | 10 | all | rails | < 2:5.2.2.1+dfsg-1+deb10u3 | rails_2:5.2.2.1+dfsg-1+deb10u3_all.deb |
| Debian | 999 | all | rails | < 2:6.1.7.3+dfsg-3 | rails_2:6.1.7.3+dfsg-3_all.deb |
| Debian | 13 | all | rails | < 2:6.1.7.3+dfsg-3 | rails_2:6.1.7.3+dfsg-3_all.deb |
Related
gitlab
gitlab
Reflective XSS Vulnerability
2013-12-06 00:00:00
github
github
actionpack vulnerable to Cross-site Scripting
2017-10-24 18:33:37
cve
cve
CVE-2013-4491
2013-12-07 00:55:00
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:52:53
prion
prion
Cross site scripting
2013-12-07 00:55:00
osv
osv
actionpack vulnerable to Cross-site Scripting
2017-10-24 18:33:37
ubuntucve
ubuntucve
CVE-2013-4491
2013-12-07 00:00:00
securityvulns
securityvulns
Ruby Actionpack / Actionmailer multiple security vulnerabilities
2014-05-04 00:00:00
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update
2014-05-04 00:00:00
redhat
redhat
(RHSA-2013:1794) Important: ruby193-rubygem-actionpack security update
2013-12-05 00:00:00
(RHSA-2014:0008) Important: ruby193-rubygem-actionpack security update
2014-01-06 00:00:00
(RHSA-2014:1863) Important: Subscription Asset Manager 1.4 security update
2014-11-17 00:00:00
openvas
openvas
Debian Security Advisory DSA 2888-1 (ruby-actionpack-3.2 - security update)
2014-03-27 00:00:00
Debian: Security Advisory (DSA-2888-1)
2014-03-26 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2014-0970
2014-01-27 00:00:00
nessus
nessus
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1906-1)
2014-06-13 00:00:00
Debian DSA-2888-1 : ruby-actionpack-3.2 - security update
2014-03-28 00:00:00
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1904-1)
2014-06-13 00:00:00
freebsd
freebsd
rails -- multiple vulnerabilities
2013-12-03 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-actionpack-3.2.13-4.fc19
2014-01-24 07:50:26
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-2.fc20
2014-03-07 06:36:05
[SECURITY] Fedora 19 Update: rubygem-actionpack-3.2.13-5.fc19
2014-03-11 04:11:08
debian
debian
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update
2014-03-27 15:04:16
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.7%
Related for DEBIANCVE:CVE-2013-4491