Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2014-0156
HistoryApr 03, 2014 - 5:23 p.m.

Updated ruby-rack-ssl packages fix CVE-2014-2538

2014-04-0317:23:20
Gentoo Foundation
advisories.mageia.org
7

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.6%

JSON

Updated ruby-rack-ssl packages fix security vulnerabilities: Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack (CVE-2014-2538).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchruby-rack-ssl<ย 1.3.2-3.1ruby-rack-ssl-1.3.2-3.1.mga3
Mageia4noarchruby-rack-ssl<ย 1.3.3-3.1ruby-rack-ssl-1.3.3-3.1.mga4

Related

nessus 2
openvas 3
ubuntucve 1
prion 1
cvelist 1
nvd 1
osv 1
seebug 1
github 1
debiancve 1
cve 1
fedora 1
rubygems 1
nessus
nessus
Fedora 20 : rubygem-rack-ssl-1.3.2-9.fc20 (2014-4118)
2014-04-03 00:00:00
openSUSE Security Update : rubygem-rack-ssl (openSUSE-SU-2014:0515-1)
2014-06-13 00:00:00
openvas
openvas
Fedora Update for rubygem-rack-ssl FEDORA-2014-4118
2014-04-03 00:00:00
Fedora Update for rubygem-rack-ssl FEDORA-2014-4118
2014-04-03 00:00:00
Mageia: Security Advisory (MGASA-2014-0156)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2014-2538
2014-03-25 00:00:00
prion
prion
Cross site scripting
2014-03-25 18:21:00
cvelist
cvelist
CVE-2014-2538
2014-03-25 14:00:00
nvd
nvd
CVE-2014-2538
2014-03-25 18:21:48
osv
osv
rack-ssl Cross-site Scripting vulnerability
2017-10-24 18:33:36
seebug
seebug
Ruby rack-ssl Gem้”™่ฏฏ้กต้ข่ทจ็ซ™่„šๆœฌๆผๆดž
2014-03-21 00:00:00
github
github
rack-ssl Cross-site Scripting vulnerability
2017-10-24 18:33:36
debiancve
debiancve
CVE-2014-2538
2014-03-25 18:21:48
cve
cve
CVE-2014-2538
2014-03-25 18:21:48
fedora
fedora
[SECURITY] Fedora 20 Update: rubygem-rack-ssl-1.3.2-9.fc20
2014-04-02 09:19:53
rubygems
rubygems
CVE-2014-2538 rubygem rack-ssl: URL error display XSS
2013-07-08 20:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.6%

JSON
Related for MGASA-2014-0156
nessus2openvas3ubuntucve1prion1cvelist1nvd1osv1seebug1github1debiancve1cve1fedora1rubygems1