Lucene search
+L

10 matches found

OpenVAS
OpenVAS
added 2024/09/30 12:0 a.m.20 views

Debian: Security Advisory (DLA-3902-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.29316EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.32 views

Fedora 40 : rubygem-rails-html-sanitizer (2023-91e69ea326)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-91e69ea326 advisory. Automatic update for rubygem-rails-html-sanitizer-1.6.0-1.fc40. Changelog Thu Nov 23 2023 Vt Ondruch - 1.6.0-1 - Update to rails-html-sanitizer 1.6....

7.2CVSS6.7AI score0.0111EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.33 views

SUSE SLES15: ruby2.5-rubygem-rails-html-sanitizer / etc (SUSE-SU-2023:3714-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3714-1 advisory. - CVE-2022-23517: Fixed inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize...

7.5CVSS6.7AI score0.01454EPSS
Exploits3References13
OpenVAS
OpenVAS
added 2023/09/14 12:0 a.m.26 views

Debian: Security Advisory (DLA-3566-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.01454EPSS
Exploits3References4
Debian
Debian
added 2023/09/13 3:9 p.m.77 views

[SECURITY] [DLA 3566-1] ruby-rails-html-sanitizer security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3566-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 13, 2023 https://wiki.debian.org/LTS -...

7.5CVSS7.8AI score0.29316EPSS
Exploits4
Rockylinux
Rockylinux
added 2023/05/05 3:39 p.m.111 views

Satellite 6.13 Release

An update is available for libdb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Rocky Enterprise Software Foundation Satellite is a systems management tool for...

9.8CVSS8.2AI score0.99931EPSS
Exploits67
Tenable Nessus
Tenable Nessus
added 2023/05/05 12:0 a.m.48 views

Rocky Linux 8 : Satellite 6.13 Release (Important) (RLSA-2023:2097)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2097 advisory. - SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an...

9.8CVSS8.1AI score0.99931EPSS
Exploits68References288
RedhatCVE
RedhatCVE
added 2022/12/15 11:5 a.m.33 views

CVE-2022-23519

A Cross-site scripting vulnerability was found in rails-html-sanitizer. Certain configurations of rails-html-sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags...

7.2CVSS2.4AI score0.00988EPSS
Exploits1References4
CVE
CVE
added 2022/12/14 4:50 p.m.171 views

CVE-2022-23519

CVE-2022-23519 affects rails-html-sanitizer. Prior to version 1.4.4, if an application overrides the sanitizer’s allowed tags to include both “math” and “style” or both “svg” and “style”, an XSS vector may be exploitable. The issue is fixed in version 1.4.4. Affected deployments should upgrade to...

7.2CVSS6.4AI score0.00988EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2022/12/14 4:50 p.m.42 views

CVE-2022-23519 Possible XSS vulnerability with certain configurations of rails-html-sanitizer

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's...

7.2CVSS6.9AI score0.00988EPSS
Exploits1References3
Rows per page
Query Builder