Lucene search
+L

6 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/05/18 12:0 a.m.6 views

ruby3.4-rubygem-kramdown-2.4.0-1.15 on GA media (moderate)

ruby3.4-rubygem-kramdown-2.4.0-1.15 on GA media Announcement ID: openSUSE-SU-2025:15119-1 Rating: moderate Cross-References: CVE-2020-14001 CVE-2021-28834 CVSS scores: CVE-2020-14001 SUSE : 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L CVE-2021-28834 SUSE : 9.8...

9.8CVSS7.6AI score0.0456EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.22 views

Debian DSA-4890-1 : ruby-kramdown - security update

Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

9.8CVSS8.3AI score0.02805EPSS
Exploits1References5
Debian
Debian
added 2021/04/12 7:22 a.m.111 views

[SECURITY] [DSA 4890-1] ruby-kramdown security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4890-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 12, 2021 https://www.debian.org/security/faq -...

9.8CVSS9.5AI score0.02805EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/03/31 12:0 a.m.14 views

Fedora: Security Advisory for rubygem-kramdown (FEDORA-2021-edc673e864)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.02805EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/03/27 12:0 a.m.12 views

Fedora: Security Advisory for rubygem-kramdown (FEDORA-2021-139a6a2f9d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.02805EPSS
Exploits1References2
CVE
CVE
added 2021/03/19 6:51 a.m.103 views

CVE-2021-28834

Kramdown before 2.3.1 does not constrain Rouge formatters to Rouge::Formatters, allowing arbitrary class instantiation and potential code execution. Exploitation details are not provided in the documents; affected packages include kramdown/ruby-kramdown across Linux distros (e.g., Fedora, Debian,...

9.8CVSS9.2AI score0.02805EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder