7 matches found
RHEL 7 : CloudForms 4.6.8 (RHSA-2019:0315)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0315 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...
Moderate: Red Hat Security Advisory: CloudForms 4.6.8 security, bug fix and enhancement update
An update is now available for CloudForms Management Engine 5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Fedora 28 : 1:rubygem-sinatra (2018-3f61c5cf7c)
Fix XSS in the 400 Bad Request page CVE-2018-11627, rhbz1585218. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
FreeBSD : sinatra -- XSS vulnerability (ca05d9da-ac1d-4113-8a05-ffe9cd0d6160)
Sinatra blog : Sinatra had a critical vulnerability since v2.0.0. The purpose of this release is to fix CVE-2018-11627. The vulnerability is that XSS can be executed by using illegal parameters. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Fedora 27 : 1:rubygem-sinatra (2018-0b17e1e529)
Fix XSS in the 400 Bad Request page CVE-2018-11627, rhbz1585218. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
sinatra -- XSS vulnerability
Sinatra blog: Sinatra had a critical vulnerability since v2.0.0. The purpose of this release is to fix CVE-2018-11627. The vulnerability is that XSS can be executed by using illegal parameters...
CVE-2018-11627
CVE-2018-11627 affects the Sinatra Ruby gem (pre-2.0.2) with an XSS in the 400 Bad Request page triggered by a params parser exception. Fedora/RH advisories (e.g., RHSA-2019:0212, RHSA-2019:0315) document fixes and package updates for rubygem-sinatra across affected Fedora/RHEL releases; OpenVAS/...