Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.27 views

openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02278EPSS
Exploits0References2
OSV
OSV
added 2024/02/08 11:6 a.m.2 views

OESA-2024-1146 rubygem-actionpack security update

Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling easy unit/integration testing that doesn't require a browser. Security Fixes: A regular expression based DoS vulnerability in Action Dispatch 6.0.6.1,...

7.5CVSS6.9AI score0.02278EPSS
Exploits0References3
Debian
Debian
added 2023/03/13 3:6 a.m.177 views

[SECURITY] [DSA 5372-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5372-1 [email protected] https://www.debian.org/security/ Aron Xu March 13, 2023 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

9.8CVSS7.8AI score0.04182EPSS
Exploits2
CVE
CVE
added 2023/02/09 12:0 a.m.303 views

CVE-2023-22792

CVE-2023-22792 affects Rails Action Dispatch: vulnerable in Action Dispatch <6.0.6.1, <6.1.7.1, and

7.5CVSS7.3AI score0.01695EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.42 views

CVE-2023-22792

A regular expression based DoS vulnerability in Action Dispatch 6.0.6.1, 6.1.7.1, and 7.0.4.1. Specially crafted cookies, in combination with a specially crafted XFORWARDEDHOST header can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process...

7.6AI score0.01695EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/02/01 12:0 a.m.34 views

Fedora 38 : rubygem-actioncable / rubygem-actionmailbox / rubygem-actionmailer / etc (2023-f60cca0686)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-f60cca0686 advisory. Upgrade to Ruby on Rails 7.0.4.2. Fixes numerous CVEs: https://rubyonrails.org/2023/1/17/Rails- Versions-6-0-6-1-6-1-7-1-7-0-4-1-have-been-released...

8.8CVSS7.3AI score0.02278EPSS
Exploits2References7
OSV
OSV
added 2023/01/18 6:23 p.m.48 views

GHSA-P84V-45XJ-WWQJ ReDoS based DoS vulnerability in Action Dispatch

There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: = 3.0.0 Not affected: 3.0.0 Fixed Versions: 5.2.8.15 Rails LTS, 6.1.7.1, 7.0.4.1 Impact Specially crafted cookies, in...

7.5CVSS7.5AI score0.01695EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2023/01/18 6:23 p.m.35 views

ReDoS based DoS vulnerability in Action Dispatch

There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: = 3.0.0 Not affected: 3.0.0 Fixed Versions: 5.2.8.15 Rails LTS, 6.1.7.1, 7.0.4.1 Impact Specially crafted cookies, in...

7.5CVSS7.5AI score0.01695EPSS
Exploits0References8Affected Software1
RubySec
RubySec
added 2023/01/18 12:0 a.m.39 views

ReDoS based DoS vulnerability in Action Dispatch

There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: = 3.0.0 Not affected: 3.0.0 Fixed Versions: 6.1.7.1, 7.0.4.1 Impact Specially crafted cookies, in combination with a...

7.5CVSS7.3AI score0.01695EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder