2170 matches found
pcs security and bug fix update
An update is available for pcs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The pcs packages provide a command-line configuration system for the Pacemaker an...
RLSA-2023:2652 Important: pcs security and bug fix update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: webpack: Regression of CVE-2023-28154 fixes in the Rocky Linux (CVE-2023-2319); rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530); rubygem-rack: denial of...
RLSA-2023:3082 Moderate: pcs security and bug fix update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530); rubygem-rack: denial of service in header parsing (CVE-2023-27539). For more details about the security...
rubygem-rack: denial of service in header parsing
A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service...
RHEL 9 : pcs (RHSA-2023:2652)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2652 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: webpack:...
Fedora: Security Advisory for rubygem-redcarpet (FEDORA-2023-8682a0e17d)
The remote host is missing an update for the...
Fedora: Security Advisory for rubygem-redcarpet (FEDORA-2023-44daa9c1d4)
The remote host is missing an update for the...
Fedora: Security Advisory for rubygem-redcarpet (FEDORA-2023-597f13ffb9)
The remote host is missing an update for the...
Important: Red Hat Security Advisory: pcs security and bug fix update
An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
[SECURITY] Fedora 38 Update: rubygem-redcarpet-3.3.2-26.fc38
A fast, safe and extensible Markdown to XHTML parser...
[SECURITY] Fedora 37 Update: rubygem-redcarpet-3.3.2-26.fc37
A fast, safe and extensible Markdown to XHTML parser...
[SECURITY] Fedora 36 Update: rubygem-redcarpet-3.3.2-26.fc36
A fast, safe and extensible Markdown to XHTML parser...
Important: pcs security and bug fix update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: webpack: Regression of CVE-2023-28154 fixes in the AlmaLinux (CVE-2023-2319); rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530); rubygem-rack: denial of...
Fedora 38 : rubygem-redcarpet (2023-44daa9c1d4)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-44daa9c1d4 advisory. A security flaw was found in redcarpet: HTML escaping was not properly done in some cases even when requested, which may cause an XSS vulnerability. This issue...
rubygem-actionpack: Possible cross-site scripting vulnerability in Action Pack
A flaw was found in rubygem-actionpack where CSP headers were sent with responses that Rails considered "HTML" responses. This flaw allows an attacker to leave API requests without CSP headers and perform a Cross-site scripting attack...
rubygem-loofah: Improper neutralization of data URIs leading to Cross Site Scripting
A Cross-site scripting vulnerability was found in rubygem loofah. While neutralizing certain data URIs, loofah is susceptible to Cross-site scripting attacks...
SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionview-5_1 (SUSE-SU-2023:2059-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2059-1 advisory. In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's...
SUSE-SU-2023:2059-1 Security update for rubygem-actionview-5_1
This update for rubygem-actionview-5_1 fixes the following issues: CVE-2022-27777: Fixed possible cross-site scripting vulnerability in Action View tag helpers (bsc1199060). CVE-2020-15169: Fixed cross-site scripting in translation helpers (bsc1176421). CVE-2020-8167: Fixed CSRF vulnerability in...
Moderate: Red Hat Security Advisory: Logging Subsystem 5.6.5 - Red Hat OpenShift security update
Logging Subsystem 5.6.5 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...