Lucene search
+L

12 matches found

openvas
openvas
added 2024/09/10 12:0 a.m.14 views

Fedora: Security Advisory (FEDORA-2023-1bbea3700b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.01104EPSS
Exploits0References6
nessus
nessus
added 2024/04/29 12:0 a.m.24 views

Fedora 40 : rubygem-loofah (2023-1bbea3700b)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1bbea3700b advisory. Automatic update for rubygem-loofah-2.22.0-1.fc40. Changelog Thu Nov 23 2023 Vt Ondruch - 2.22.0-1 - Update to Loofah 2.22.0. Resolves: rhbz2126896...

7.5CVSS6.9AI score0.01104EPSS
Exploits0References3
openvas
openvas
added 2023/09/14 12:0 a.m.18 views

Debian: Security Advisory (DLA-3565-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01686EPSS
Exploits0References4
debian
debian
added 2023/09/13 3:9 p.m.27 views

[SECURITY] [DLA 3565-1] ruby-loofah security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3565-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 13, 2023 https://wiki.debian.org/LTS -...

7.5CVSS7.9AI score0.01686EPSS
Exploits0
rocky
rocky
added 2023/05/05 3:39 p.m.111 views

Satellite 6.13 Release

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool for...

9.8CVSS8.2AI score0.99931EPSS
Exploits65
nessus
nessus
added 2023/05/05 12:0 a.m.48 views

Rocky Linux 8 : Satellite 6.13 Release (Important) (RLSA-2023:2097)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2097 advisory. - SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an...

9.8CVSS8.1AI score0.99931EPSS
Exploits66References288
redhat
redhat
added 2023/05/03 3:54 p.m.496 views

Important: Red Hat Security Advisory: Satellite 6.13 Release

An update is now available for Red Hat Satellite 6.13. The release contains a new version of Satellite and important security fixes for various components. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring ...

9.8CVSS7.6AI score0.99931EPSS
Exploits66References263
nessus
nessus
added 2023/03/30 12:0 a.m.38 views

SUSE SLES15 / openSUSE 15 Security Update : rubygem-loofah (SUSE-SU-2023:1657-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1657-1 advisory. - Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofa...

7.5CVSS6.5AI score0.01686EPSS
Exploits0References10
osv
osv
added 2023/03/29 7:38 a.m.9 views

SUSE-SU-2023:1657-1 Security update for rubygem-loofah

This update for rubygem-loofah fixes the following issues: - CVE-2022-23514: Fixed inefficient regular expression leading to denial of service bsc1206415. - CVE-2022-23515: Fixed improper neutralization of data URIs leading to Cross Site Scripting bsc1206417. - CVE-2022-23516: Fixed uncontrolled...

7.5CVSS6.5AI score0.01686EPSS
Exploits0References7
cve
cve
added 2022/12/14 1:23 p.m.234 views

CVE-2022-23515

Concerning CVE-2022-23515, Loofah (Ruby library for HTML/XML sanitization, built on Nokogiri) is vulnerable in versions >= 2.1.0 and

6.1CVSS6AI score0.00792EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2022/12/14 1:23 p.m.39 views

CVE-2022-23515 Improper neutralization of data URIs may allow XSS in Loofah

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah = 2.1.0, 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1...

6.1CVSS6.2AI score0.00792EPSS
Exploits0References4
redhatcve
redhatcve
added 2022/12/14 11:35 a.m.44 views

CVE-2022-23515

A Cross-site scripting vulnerability was found in rubygem loofah. While neutralizing certain data URIs, loofah is susceptible to Cross-site scripting attacks...

6.1CVSS1.8AI score0.00792EPSS
Exploits0References4
Rows per page
Query Builder