Lucene search
K

24 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in ruby-rails-html-sanitizer

Possible XSS Vulnerability in Rails::Html::Sanitizer There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifier CVE-2022-32209. Vulnerabilities affected: ALL Not affected: NONEMeaning: Fixed versions: v1.4.3...

6.1CVSS6.5AI score0.29316EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2024/09/30 12:0 a.m.20 views

Debian: Security Advisory (DLA-3902-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.29316EPSS
Exploits4References2
Hacker One
Hacker One
added 2022/12/14 9:17 p.m.114 views

Internet Bug Bounty: CVE-2022-23520: Incomplete fix for CVE-2022-32209 (XSS in Rails::Html::Sanitizer under certain configurations)

The following is from: https://hackerone.com/reports/1654310 While building a PoC for CVE-2022-32209, I noticed that I could not fix my vulnerable application by updating https://github.com/rails/rails-html-sanitizer from 1.4.2 to 1.4.3 even though the Hackerone report about this vulnerability...

5.8CVSS6.3AI score0.29316EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2022/12/14 6:15 p.m.48 views

CVE-2022-23520

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to...

6.1CVSS6.7AI score0.0111EPSS
Exploits1References3
Prion
Prion
added 2022/12/14 6:15 p.m.26 views

Design/Logic Flaw

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to...

5.8CVSS6.1AI score0.29316EPSS
Exploits2References3Affected Software2
OSV
OSV
added 2022/12/13 5:51 p.m.31 views

GHSA-RRFC-7G8P-99Q8 Possible XSS vulnerability with certain configurations of rails-html-sanitizer

Summary There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This is due to an incomplete fix of CVE-2022-32209. - Versions affected: ALL - Not affected: NONE - Fixed versions: 1.4.4 Impact A possible XSS vulnerability with certain configurations of...

6.1CVSS6.4AI score0.0111EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/12/13 5:51 p.m.44 views

Possible XSS vulnerability with certain configurations of rails-html-sanitizer

Summary There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This is due to an incomplete fix of CVE-2022-32209. - Versions affected: ALL - Not affected: NONE - Fixed versions: 1.4.4 Impact A possible XSS vulnerability with certain configurations of...

6.1CVSS6.3AI score0.29316EPSS
Exploits2References7Affected Software1
RubySec
RubySec
added 2022/12/13 12:0 a.m.33 views

Possible XSS vulnerability with certain configurations of rails-html-sanitizer

Summary There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This is due to an incomplete fix of CVE-2022-32209. - Versions affected: ALL - Not affected: NONE - Fixed versions: 1.4.4 Impact A possible XSS vulnerability with certain configurations of...

6.1CVSS1.3AI score0.29316EPSS
Exploits2References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/12/07 12:0 a.m.34 views

Debian dla-3227 : ruby-rails-html-sanitizer - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3227 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3227-1 [email protected] https://www.debian.org/lts/security/...

6.1CVSS6.2AI score0.29316EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/11/16 3:9 p.m.424 views

Important: Red Hat Security Advisory: Satellite 6.12 Release

An update is now available for Red Hat Satellite 6.12. The release contains a new version of Satellite and important security fixes for various components. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring ...

9.8CVSS7AI score0.73274EPSS
Exploits7References279
OSV
OSV
added 2022/11/16 1:21 p.m.38 views

RLSA-2022:8506 Important: Satellite 6.12 Release

Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: netty-codec: Bzip2Decoder doesn't allow setting...

9.8CVSS8.7AI score0.73274EPSS
Exploits6References279
Tenable Nessus
Tenable Nessus
added 2022/08/23 12:0 a.m.150 views

SUSE SLES15: ruby2.5-rubygem-rails-html-sanitizer / etc (SUSE-SU-2022:2870-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2870-1 advisory. - CVE-2022-32209: Fixed a potential content injection under specific configurations bsc1201183. Tenable has extracted the preceding...

6.1CVSS6.7AI score0.29316EPSS
Exploits1References4
OSV
OSV
added 2022/08/22 9:3 p.m.6 views

SUSE-SU-2022:2870-1 Security update for rubygem-rails-html-sanitizer

This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2022-32209: Fixed a potential content injection under specific configurations bsc1201183...

6.1CVSS6.6AI score0.29316EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/08/15 12:0 a.m.22 views

Fedora: Security Advisory for rubygem-rails-html-sanitizer (FEDORA-2022-974fffb418)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.6AI score0.29316EPSS
Exploits1References2
Hacker One
Hacker One
added 2022/07/29 9:46 p.m.59 views

Ruby on Rails: Incomplete fix for CVE-2022-32209 (XSS in Rails::Html::Sanitizer under certain configurations)

While building a PoC for CVE-2022-32209, I noticed that I could not fix my vulnerable application by updating https://github.com/rails/rails-html-sanitizer from 1.4.2 to 1.4.3 even though the Hackerone report about this vulnerability suggested that this should fix it see here:...

5.8CVSS6.1AI score0.29316EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2022/06/28 4:6 p.m.42 views

CVE-2022-32209

A Cross-site scripting XSS vulnerability exists in ruby on rails. This issue could allow an attacker to inject content into the application, leading to loss of integrity and confidentiality...

6.1CVSS3.6AI score0.29316EPSS
Exploits1References3
NVD
NVD
added 2022/06/24 3:15 p.m.21 views

CVE-2022-32209

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

6.1CVSS0.29316EPSS
Exploits1References5
Prion
Prion
added 2022/06/24 3:15 p.m.25 views

Design/Logic Flaw

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

4.3CVSS6.1AI score0.29316EPSS
Exploits1References4Affected Software3
UbuntuCve
UbuntuCve
added 2022/06/24 3:15 p.m.33 views

CVE-2022-32209

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

6.1CVSS6.5AI score0.29316EPSS
Exploits1References4
OSV
OSV
added 2022/06/24 3:15 p.m.4 views

UBUNTU-CVE-2022-32209

Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3 ImpactA possible XS...

6.1CVSS6.5AI score0.29316EPSS
Exploits1References5
Rows per page
Query Builder