5 matches found
SUSE SLES15 Security Update : rubygem-actionpack-5_1, rubygem-activesupport-5_1 (SUSE-SU-2022:2108-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2108-1 advisory. - The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the...
Design/Logic Flaw
Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to dat...
CVE-2022-23633
Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to dat...
CVE-2022-23633 Exposure of sensitive information in Action Pack
Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In the event a response is not notified of a close, ActionDispatch::Executor will not know to reset thread local state for the next request. This can lead to dat...
Security Bulletin: IBM Cúram is susceptible to a Open Source CKEditor vulnerability (CVE-2014-5191).
Summary IBM Cúram Social Program Management is vulnerable to Reflected Cross-Site ScriptingXSS. This is caused by improper sanitization of user-supplied data in the Preview Plugin for CKEditor. Vulnerability Details CVE ID: CVE-2014-5191 The Preview Plugin for CKEditor is vulnerable to cross-site...