41 matches found
CVE-2023-28120
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input...
OESA-2024-1800 rubygem-activesupport security update
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. Security Fixes: A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is...
OESA-2024-1797 rubygem-activesupport security update
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. Security Fixes: A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is...
OESA-2024-1799 rubygem-activesupport security update
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. Security Fixes: A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is...
OESA-2024-1798 rubygem-activesupport security update
A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. Security Fixes: A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is...
SUSE: Security Advisory (SUSE-SU-2023:2304-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2023:2294-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2294-1 advisory. Updated to version 2.13: - CVE-2023-28120: Fixed a potential XSS issue in an embedded dependency bsc1209507. - CVE-2023-27530: Fixe...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2023:2304-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2304-1 advisory. Updated to version 2.13: - CVE-2023-28120: Fixed a potential XSS issue in an embedded dependency bsc1209507. - CVE-2023-27530: Fixe...
SUSE SLES15 / openSUSE 15 Security Update : rmt-server (SUSE-SU-2023:2295-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2295-1 advisory. Updated to version 2.13: - CVE-2023-28120: Fixed a potential XSS issue in an embedded dependency bsc1209507. -...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2023:2280-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2280-1 advisory. Updated to version 2.13: - CVE-2023-28120: Fixed a potential XSS issue in an embedded dependency bsc1209507. - CVE-2023-27530: Fixe...
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Watson AIOps version 3.7.1 Vulnerability Details CVEID:CVE-2023-0767 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system, caused by an...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.6.5 - Red Hat OpenShift security update
Logging Subsystem 5.6.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...
Debian DSA-5389-1 : rails - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5389 advisory. Two vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could lead to XSS and DOM based cross-site scripting...
[SECURITY] [DSA 5389-1] rails security update
Debian Security Advisory DSA-5389-1. https://www.debian.org/security/ Aron Xu. April 14, 2023. https://www.debian.org/security/faq ...
Fedora: Security Advisory for rubygem-actionmailbox (FEDORA-2023-7002afbbb8)
The remote host is missing an update for the...