Lucene search
K

12 matches found

OpenVAS
OpenVAS
added 2024/09/30 12:0 a.m.20 views

Debian: Security Advisory (DLA-3902-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.2914EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.32 views

Fedora 40 : rubygem-rails-html-sanitizer (2023-91e69ea326)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-91e69ea326 advisory. Automatic update for rubygem-rails-html-sanitizer-1.6.0-1.fc40. Changelog Thu Nov 23 2023 Vt Ondruch - 1.6.0-1 - Update to rails-html-sanitizer 1.6....

7.2CVSS6.7AI score0.0111EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.33 views

SUSE SLES15: ruby2.5-rubygem-rails-html-sanitizer / etc (SUSE-SU-2023:3714-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3714-1 advisory. - CVE-2022-23517: Fixed inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize...

7.5CVSS6.7AI score0.01454EPSS
Exploits3References13
OpenVAS
OpenVAS
added 2023/09/14 12:0 a.m.26 views

Debian: Security Advisory (DLA-3566-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.01454EPSS
Exploits3References4
Debian
Debian
added 2023/09/13 3:9 p.m.29 views

[SECURITY] [DLA 3566-1] ruby-rails-html-sanitizer security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3566-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 13, 2023 https://wiki.debian.org/LTS -...

7.5CVSS7.8AI score0.2914EPSS
Exploits4
Rockylinux
Rockylinux
added 2023/05/05 3:39 p.m.111 views

Satellite 6.13 Release

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool for...

9.8CVSS8.2AI score0.99931EPSS
Exploits63
Tenable Nessus
Tenable Nessus
added 2023/05/05 12:0 a.m.48 views

Rocky Linux 8 : Satellite 6.13 Release (Important) (RLSA-2023:2097)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2097 advisory. - SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an...

9.8CVSS8.1AI score0.99931EPSS
Exploits64References288
Circl
Circl
added 2022/12/14 8:23 p.m.5 views

CVE-2022-23518

creationtimestamp| type| source ---|---|--- 2022-12-14 20:23:16+00:00| seen| https://t.me/cibsecurity/54540...

6.1CVSS6.3AI score0.00867EPSS
Exploits1References1
NVD
NVD
added 2022/12/14 5:15 p.m.20 views

CVE-2022-23518

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions = 1.0.3, = 2.1.0. This issue is patched in version 1.4.4...

6.1CVSS0.00867EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2022/12/14 5:15 p.m.39 views

CVE-2022-23518

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions = 1.0.3, = 2.1.0. This issue is patched in version 1.4.4...

6.1CVSS6.7AI score0.00867EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/12/14 4:22 p.m.28 views

CVE-2022-23518 Improper neutralization of data URIs allows XSS in rails-html-sanitizer

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions = 1.0.3, = 2.1.0. This issue is patched in version 1.4.4...

6.1CVSS6.2AI score0.00867EPSS
Exploits1References4
CVE
CVE
added 2022/12/14 4:22 p.m.156 views

CVE-2022-23518

The CVE-2022-23518 entry concerns rails-html-sanitizer, a Ruby/Rails HTML sanitizer. Multiple connected advisories confirm that versions 1.0.3 through 1.4.3 are vulnerable to cross-site scripting via data URIs when used with Loofah ≥ 2.1.0, with the issue described as an improper neutralization o...

6.1CVSS6.1AI score0.00867EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder