15 matches found
EUVD-2024-2044
Malicious code in bioql PyPI...
SUSE-SU-2024:2140-1 Security update for rmt-server
This update for rmt-server fixes the following issues: - Update to version 2.17 - CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related Content-Type. bsc1225997...
SUSE-SU-2024:1974-1 Security update for rmt-server
This update for rmt-server fixes the following issues: - Update to version 2.17 - CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related Content-Type. bsc1225997...
SUSE-SU-2024:1973-1 Security update for rmt-server
This update for rmt-server fixes the following issues: - Update to version 2.17 - CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related Content-Type. bsc1225997...
CVE-2024-28103
A flaw was found in rubygem-actionpack. Since version 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML-related Content-Type. This vulnerability is fixed in versions 6.1.7.8, 7.0.8.2, and 7.1.3.3...
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: = 6.1.0 Not affected: 6.1.0 Fixed Versions: 6.1.7.8,...
GHSA-FWHR-88QX-H9G7 Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: = 6.1.0 Not affected: 6.1.0 Fixed Versions: 6.1.7.8,...
CVE-2024-28103
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3...
CVE-2024-28103
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3...
CVE-2024-28103
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3...
CVE-2024-28103 Action Pack is missing security headers on non-HTML responses
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3...
CVE-2024-28103 Action Pack is missing security headers on non-HTML responses
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3...
CVE-2024-28103 Action Pack is missing security headers on non-HTML responses
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3...
PT-2024-10114
Name of the Vulnerable Software and Affected Versions Action Pack versions 6.1.0 through 6.1.7.7 Action Pack versions 7.0.0 through 7.0.8.1 Action Pack versions 7.1.0 through 7.1.3.2 Description The application configurable Permissions-Policy is only served on responses with an HTML related...
Missing security headers in Action Pack on non-HTML responses
Permissions-Policy is Only Served on HTML Content-Type The application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This has been assigned the CVE identifier CVE-2024-28103. Versions Affected: = 6.1.0 Not affected: 6.1.0 Fixed Versions: 6.1.7.8,...