Lucene search
RubySecRUBY:RACK-SSL-2014-2538-104734HistoryJul 08, 2013 - 8:00 p.m.
CVE-2014-2538 rubygem rack-ssl: URL error display XSS
2013-07-0820:00:00
RubySec
rubysec.com
8
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.6%
Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl
gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script
or HTML via a URI, which might not be properly handled by third-party adapters such
as JRuby-Rack.
References
Related
nessus
nessus
Fedora 20 : rubygem-rack-ssl-1.3.2-9.fc20 (2014-4118)
2014-04-03 00:00:00
openSUSE Security Update : rubygem-rack-ssl (openSUSE-SU-2014:0515-1)
2014-06-13 00:00:00
openvas
openvas
Fedora Update for rubygem-rack-ssl FEDORA-2014-4118
2014-04-03 00:00:00
Fedora Update for rubygem-rack-ssl FEDORA-2014-4118
2014-04-03 00:00:00
Mageia: Security Advisory (MGASA-2014-0156)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2014-2538
2014-03-25 00:00:00
prion
prion
Cross site scripting
2014-03-25 18:21:00
cvelist
cvelist
CVE-2014-2538
2014-03-25 14:00:00
nvd
nvd
CVE-2014-2538
2014-03-25 18:21:48
osv
osv
rack-ssl Cross-site Scripting vulnerability
2017-10-24 18:33:36
seebug
seebug
Ruby rack-ssl Gem้่ฏฏ้กต้ข่ทจ็ซ่ๆฌๆผๆด
2014-03-21 00:00:00
mageia
mageia
Updated ruby-rack-ssl packages fix CVE-2014-2538
2014-04-03 17:23:20
github
github
rack-ssl Cross-site Scripting vulnerability
2017-10-24 18:33:36
debiancve
debiancve
CVE-2014-2538
2014-03-25 18:21:48
cve
cve
CVE-2014-2538
2014-03-25 18:21:48
fedora
fedora
[SECURITY] Fedora 20 Update: rubygem-rack-ssl-1.3.2-9.fc20
2014-04-02 09:19:53
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.6%
Related for RUBY:RACK-SSL-2014-2538-104734