Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2019/06/14 12:0 a.m.31 views

openSUSE Security Update : rubygem-rack (openSUSE-2019-1553)

This update for rubygem-rack fixes the following issues : Security issued fixed : - CVE-2018-16471: Fixed a cross-site scripting vulnerability via 'scheme' method bsc1116600. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

6.1CVSS6.5AI score0.01816EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/06/14 12:0 a.m.34 views

openSUSE: Security Advisory for rubygem-rack (openSUSE-SU-2019:1553-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.6AI score0.01816EPSS
Exploits0References2
OSV
OSV
added 2019/06/06 3:51 p.m.4 views

SUSE-SU-2019:1440-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: Security issued fixed: - CVE-2018-16471: Fixed a cross-site scripting vulnerability via 'scheme' method bsc1116600...

6.1CVSS6AI score0.01816EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.50 views

Fedora 29 : 1:rubygem-rack (2018-e8ff8b7f8e)

Buffer size in multipart parser allows for denial of service CVE-2018-16470. - Cross-site scripting XSS via scheme method on Rack::Request CVE-2018-16471. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

7.5CVSS6.4AI score0.02033EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.26 views

Fedora 28 : 1:rubygem-rack (2018-02e965a729)

Buffer size in multipart parser allows for denial of service CVE-2018-16470. - Cross-site scripting XSS via scheme method on Rack::Request CVE-2018-16471. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

7.5CVSS6.4AI score0.02033EPSS
Exploits0References3
Debian
Debian
added 2018/11/21 1:27 p.m.226 views

[SECURITY] [DLA 1585-1] ruby-rack security update

Package : ruby-rack Version : 1.5.2-3+deb8u2 CVE ID : CVE-2018-16471 Debian Bug : 913005 It was discovered that there was an XSS vulnerability in the ruby-rack web-server library. A malicious request could impact the HTTP/HTTPS scheme being returned to the underlying application. For Debian 8...

6.1CVSS6.2AI score0.01816EPSS
Exploits0
OSV
OSV
added 2018/11/15 10:4 p.m.6 views

MGASA-2018-0449 Updated ruby-rack packages fix security vulnerability

There is a possible XSS vulnerability in Rack. Carefully crafted requests can impact the data returned by the scheme method on Rack::Request.Applications that expect the scheme to be limited to "http" or "https" and do not escape the return value could be vulnerable to an XSS attack CVE-2018-1647...

6.1CVSS5.9AI score0.01816EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2018/11/13 11:0 p.m.22 views

CVE-2018-16471

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the scheme method on Rack::Request. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an...

6.1CVSS6.3AI score0.01816EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/11/13 12:0 a.m.39 views

CVE-2018-16471

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the scheme method on Rack::Request. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an...

6.1CVSS6.7AI score0.01816EPSS
Exploits0References2
RubySec
RubySec
added 2018/11/05 12:0 a.m.30 views

Possible XSS vulnerability in Rack

There is a possible vulnerability in Rack. This vulnerability has been assigned the CVE identifier CVE-2018-16471. Versions Affected: All. Not affected: None. Fixed Versions: 2.0.6, 1.6.11 Impact ------ There is a possible XSS vulnerability in Rack. Carefully crafted requests can impact the data...

6.1CVSS1AI score0.01816EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder