9 matches found
openSUSE Security Update : rubygem-rack-ssl (openSUSE-SU-2014:0515-1)
This rubygem-rack-ssl updated fixes the following security issue : - bnc869162: Fixed XSS in error page CVE-2014-2538. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-293. The te...
Updated ruby-rack-ssl packages fix CVE-2014-2538
Updated ruby-rack-ssl packages fix security vulnerabilities: Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters su...
Fedora Update for rubygem-rack-ssl FEDORA-2014-4118
Check for the Version of rubygem-rack-ssl OpenVAS Vulnerability Test Fedora Update for rubygem-rack-ssl FEDORA-2014-4118 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...
Fedora 20 : rubygem-rack-ssl-1.3.2-9.fc20 (2014-4118)
Handle bad URIs gracefully CVE-2014-2538. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...
CVE-2014-2538
Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...
CVE-2014-2538
Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...
CVE-2014-2538
CVE-2014-2538 describes an XSS vulnerability in the rack-ssl gem’s Ruby component (lib/rack/ssl.rb) prior to version 1.4.0. The issue allows remote attackers to inject arbitrary web script or HTML via a URI, which may not be handled correctly by adapters such as JRuby-Rack. Affected product: rack...
CVE-2014-2538
Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...
CVE-2014-2538 rubygem rack-ssl: URL error display XSS
Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...