18 matches found
RHCOS 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0701 advisory. - rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template CVE-2013-0256 -...
Ruby: XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256)
Vulnerability description not provided...
Debian: Security Advisory (DLA-235-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 235-1] ruby1.9.1 security update
Package : ruby1.9.1 Version : 1.9.2.0-2+deb6u4 CVE ID : CVE-2011-0188 CVE-2011-2705 CVE-2012-4522 CVE-2013-0256 CVE-2013-2065 CVE-2015-1855 CVE-2011-0188 The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and oth...
DLA-235-1 ruby1.9.1 - security update
Bulletin has no description...
openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)
ruby19 was updated to fix various bugs and security issues: Update to 1.9.3 p385 bnc802406 - XSS exploit of RDoc documentation generated by rdoc CVE-2013-0256 - for other changes see /usr/share/doc/packages/ruby19/Changelog Update to 1.9.3 p327 bnc789983 - CVE-2012-5371 and plenty of other fixes...
openSUSE Security Update : rubygem-rdoc (openSUSE-SU-2013:0303-1)
rubgem rdoc was updated to fix a security issue : CVE-2013-0256: rubygem-rdoc: XSS exploit of RDoc documentation generated by rdoc - Ensured that rd parser files are generated before checking the manifest. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...
Fedora Update for rubygem-rdoc FEDORA-2013-2131
Check for the Version of rubygem-rdoc OpenVAS Vulnerability Test Fedora Update for rubygem-rdoc FEDORA-2013-2131 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for rubygem-rdoc FEDORA-2013-2143
Check for the Version of rubygem-rdoc OpenVAS Vulnerability Test Fedora Update for rubygem-rdoc FEDORA-2013-2143 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for rubygem-rdoc FEDORA-2013-2143
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 17 : rubygem-rdoc-3.12-5.fc17 (2013-2143)
Patch cross site scripting vulnerability CVE-2013-0256 rhbz908358. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 18 : rubygem-rdoc-3.12-6.fc18 (2013-2131)
Patch cross site scripting vulnerability CVE-2013-0256 rhbz908358. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Moderate: Red Hat Security Advisory: ruby193-ruby, rubygem-json and rubygem-rdoc security update
Updated ruby193-ruby, rubygem-json and rubygem-rdoc packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
CVE-2013-0256
CVE-2013-0256 affects Ruby’s RDoc/darkfish.js: XSS via crafted URLs in RDoc-generated documentation. Affected: darkfish.js handling in RDoc versions 2.3.0–3.12 and 4.x before 4.0.0.preview2.1. Impact: remote script execution in the context of the user’s session when documentation is viewed over t...
Ubuntu: Security Advisory (USN-1733-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : Ruby -- XSS exploit of RDoc documentation generated by rdoc (d3e96508-056b-4259-88ad-50dc8d1978a6)
Ruby developers report : RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to...
CVE-2013-0256
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
CVE-2013-0256 rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...