Lucene search
+L

8 matches found

mageia
mageia
added 2014/04/03 1:23 p.m.47 views

Updated ruby-rack-ssl packages fix CVE-2014-2538

Updated ruby-rack-ssl packages fix security vulnerabilities: Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters su...

4.3CVSS5.6AI score0.0219EPSS
Exploits1References2
nvd
nvd
added 2014/03/25 6:21 p.m.39 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS5.5AI score0.0219EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2014/03/25 6:21 p.m.22 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS7.3AI score0.0219EPSS
Exploits1References2
prion
prion
added 2014/03/25 6:21 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS6AI score0.0219EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2014/03/25 2:0 p.m.39 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

5.4AI score0.0219EPSS
Exploits1References5
debiancve
debiancve
added 2014/03/25 2:0 p.m.49 views

CVE-2014-2538

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS5.5AI score0.0219EPSS
Exploits1
cve
cve
added 2014/03/25 2:0 p.m.87 views

CVE-2014-2538

CVE-2014-2538 describes an XSS vulnerability in the rack-ssl gem’s Ruby component (lib/rack/ssl.rb) prior to version 1.4.0. The issue allows remote attackers to inject arbitrary web script or HTML via a URI, which may not be handled correctly by adapters such as JRuby-Rack. Affected product: rack...

4.3CVSS5.5AI score0.0219EPSS
Exploits1References5Affected Software1
rubygems
rubygems
added 2013/07/09 12:0 a.m.16 views

CVE-2014-2538 rubygem rack-ssl: URL error display XSS

Cross-site scripting XSS vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack...

4.3CVSS5.5AI score0.0219EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder