CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-3460

Malicious code in bioql PyPI...

6.1CVSS5.8AI score0.0228EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-3413

Malicious code in bioql PyPI...

6.1CVSS5.8AI score0.01968EPSS

Exploits0References5

SUSE CVE•added 2024/12/04 3:48 a.m.•1 views

SUSE CVE-2024-53985

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0 and Nokogiri 1.15.7, or 1.16.x 1.16.8. The XSS vulnerability with certain...

6.1CVSS8.6AI score0.02195EPSS

Exploits0References3

SUSE CVE•added 2024/12/04 3:48 a.m.•2 views

SUSE CVE-2024-53986

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

6.1CVSS8.6AI score0.02649EPSS

Exploits0References3

OSV•added 2024/12/02 10:18 p.m.•16 views

GHSA-RXV5-GXQC-XX8G rails-html-sanitizer has XSS vulnerability with certain configurations

Summary There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. Versions affected: 1.6.0 Not affected: 1.6.0 Fixed versions: 1.6.1 Impact A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may...

2.3CVSS5AI score0.0228EPSS

Exploits0References5

NVD•added 2024/12/02 10:15 p.m.•34 views

CVE-2024-53986

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

6.1CVSS0.02649EPSS

Exploits0References2

OSV•added 2024/12/02 9:48 p.m.•16 views

GHSA-2X5M-9CH4-QGRR rails-html-sanitizer has XSS vulnerability with certain configurations

2.3CVSS5AI score0.01968EPSS

Exploits0References5

OSV•added 2024/12/02 9:48 p.m.•11 views

GHSA-638J-PMJW-JQ48 rails-html-sanitizer has XSS vulnerability with certain configurations

2.3CVSS5AI score0.02649EPSS

Exploits0References5

Snyk•added 2024/12/02 9:48 p.m.•1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the configuration of HTML5 sanitization and overridden sanitizer's allowed tags. An attacker can inject malicious content by exploiting the allowed tags settings to bypass sanitization controls. This is...

6.1CVSS5.3AI score0.02195EPSS

Exploits0References2

OSV•added 2024/12/02 9:48 p.m.•13 views

GHSA-W8GC-X259-RC7X rails-html-sanitize has XSS vulnerability with certain configurations

Summary There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0 and Nokogiri = 1.16.8. Impact A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5...

2.3CVSS4.9AI score0.02195EPSS

Exploits0References6

Snyk•added 2024/12/02 9:41 p.m.•1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper user input sanitization. Note Exploiting this vulnerability is only possible when the following are true: 1 HTML5 sanitization is enabled 2 The application developer has overridden the sanitizer'...

6.1CVSS5.3AI score0.01968EPSS

Exploits0References2

Debian CVE•added 2024/12/02 9:15 p.m.•13 views

CVE-2024-53985

6.1CVSS4.5AI score0.02195EPSS

Exploits0

Debian CVE•added 2024/12/02 9:15 p.m.•6 views

CVE-2024-53987

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

6.1CVSS4.5AI score0.01968EPSS

Exploits0

Vulnrichment•added 2024/12/02 9:15 p.m.•26 views

CVE-2024-53987 Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

2.3CVSS5.8AI score0.01968EPSS

Exploits0References2

CVE•added 2024/12/02 9:13 p.m.•74 views

CVE-2024-53986

Rails HTML Sanitizer (rails-html-sanitizer) version 1.6.0 has a potential XSS when HTML5 sanitization is enabled and both math and style tags are explicitly allowed. The issue arises if developers override sanitizer rules (e.g., allowed_tags or sanitize options) to permit both tags, enabling cont...

6.1CVSS5.6AI score0.02649EPSS

Exploits0References2Affected Software1

OSV•added 2024/12/02 9:7 p.m.•12 views

CVE-2024-53989 Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

2.3CVSS5.5AI score0.0228EPSS

Exploits0References4

Cvelist•added 2024/12/02 9:7 p.m.•16 views

CVE-2024-53989 Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...

2.3CVSS0.0228EPSS

Exploits0References2

RubySec•added 2024/12/02 12:0 a.m.•17 views

rails-html-sanitizer has XSS vulnerability with certain configurations

6.1CVSS5.7AI score0.02195EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/12/02 12:0 a.m.•1 views

PT-2024-36001

Name of the Vulnerable Software and Affected Versions: rails-html-sanitizer versions 1.6.0 Description: The issue is related to a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer when used with Rails = 7.1.0. This vulnerability may allow an attacker to inject conte...

6.4CVSS6.5AI score0.02649EPSS

Exploits0References25

RubySec•added 2024/12/02 12:0 a.m.•15 views

rails-html-sanitizer has XSS vulnerability with certain configurations

6.1CVSS5.7AI score0.0228EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by