Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.22 views

openSUSE Security Update : rubygem-rack-ssl (openSUSE-SU-2014:0515-1)

This rubygem-rack-ssl updated fixes the following security issue : - bnc869162: Fixed XSS in error page CVE-2014-2538. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-293. The te...

4.3CVSS8.4AI score0.0219EPSS
Exploits1References3
Mageia
Mageia
added 2014/04/03 1:23 p.m.46 views

Updated ruby-rack-ssl packages fix CVE-2014-2538

Updated ruby-rack-ssl packages fix security vulnerabilities: Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters su...

4.3CVSS5.6AI score0.0219EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2014/04/03 12:0 a.m.22 views

Fedora Update for rubygem-rack-ssl FEDORA-2014-4118

Check for the Version of rubygem-rack-ssl OpenVAS Vulnerability Test Fedora Update for rubygem-rack-ssl FEDORA-2014-4118 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

4.3CVSS6.4AI score0.0219EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/04/03 12:0 a.m.21 views

Fedora 20 : rubygem-rack-ssl-1.3.2-9.fc20 (2014-4118)

Handle bad URIs gracefully CVE-2014-2538. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

4.3CVSS8.2AI score0.0219EPSS
Exploits1References3
OSV
OSV
added 2014/03/25 6:21 p.m.5 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

5.4AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2014/03/25 6:21 p.m.22 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS7.3AI score0.0219EPSS
Exploits1References2
CVE
CVE
added 2014/03/25 2:0 p.m.86 views

CVE-2014-2538

CVE-2014-2538 describes an XSS vulnerability in the rack-ssl gem’s Ruby component (lib/rack/ssl.rb) prior to version 1.4.0. The issue allows remote attackers to inject arbitrary web script or HTML via a URI, which may not be handled correctly by adapters such as JRuby-Rack. Affected product: rack...

4.3CVSS5.5AI score0.0219EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2014/03/25 2:0 p.m.19 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS5.5AI score0.0219EPSS
Exploits1
RubySec
RubySec
added 2013/07/09 12:0 a.m.16 views

CVE-2014-2538 rubygem rack-ssl: URL error display XSS

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS5.5AI score0.0219EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder