Lucene search
+L

215 matches found

Fedora
Fedora
added 2013/05/07 6:36 p.m.37 views

[SECURITY] Fedora 18 Update: rubygem-rdoc-3.12-6.fc18

RDoc produces HTML and command-line documentation for Ruby projects. RDoc includes the +rdoc+ and +ri+ tools for generating and displaying online documentation. See RDoc for a description of RDoc's markup and basic use...

4.3CVSS0.2AI score0.03622EPSS
Exploits0
Fedora
Fedora
added 2013/05/07 6:25 p.m.34 views

[SECURITY] Fedora 17 Update: rubygem-rdoc-3.12-5.fc17

RDoc produces HTML and command-line documentation for Ruby projects. RDoc includes the +rdoc+ and +ri+ tools for generating and displaying online documentation. See RDoc for a description of RDoc's markup and basic use...

4.3CVSS0.2AI score0.03622EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2013/04/09 6:8 p.m.6 views

rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS7.3AI score0.03622EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/04/09 6:8 p.m.42 views

Moderate: Red Hat Security Advisory: rubygem packages security update

This update fixes one security issue in multiple rubygem packages for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

4.3CVSS7.5AI score0.03622EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2013/04/02 7:58 p.m.6 views

rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS7.3AI score0.03622EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/03/26 7:10 p.m.9 views

rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS7.3AI score0.03622EPSS
Exploits0References5
NVD
NVD
added 2013/03/01 5:40 a.m.18 views

CVE-2013-0256

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS5.5AI score0.03622EPSS
Exploits0References12
Prion
Prion
added 2013/03/01 5:40 a.m.23 views

Cross site scripting

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS5.8AI score0.03622EPSS
Exploits0References12Affected Software3
Cvelist
Cvelist
added 2013/03/01 2:0 a.m.43 views

CVE-2013-0256

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

5.3AI score0.03622EPSS
Exploits0References12
CVE
CVE
added 2013/03/01 2:0 a.m.150 views

CVE-2013-0256

CVE-2013-0256 affects Ruby’s RDoc/darkfish.js: XSS via crafted URLs in RDoc-generated documentation. Affected: darkfish.js handling in RDoc versions 2.3.0–3.12 and 4.x before 4.0.0.preview2.1. Impact: remote script execution in the context of the user’s session when documentation is viewed over t...

4.3CVSS5.2AI score0.03622EPSS
Exploits0References12Affected Software2
Positive Technologies
Positive Technologies
added 2013/03/01 12:0 a.m.13 views

PT-2013-2191 · Ruby +2 · Rdoc +3

Name of the Vulnerable Software and Affected Versions: RDoc versions 2.3.0 through 3.12 RDoc versions 4.x before 4.0.0.preview2.1 Description: The issue allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, due to improper document generation by darkfish.js in RDo...

8.4CVSS6.5AI score0.34968EPSS
Exploits10References58
Tenable Nessus
Tenable Nessus
added 2013/02/17 12:0 a.m.34 views

FreeBSD : Ruby -- XSS exploit of RDoc documentation generated by rdoc (d3e96508-056b-4259-88ad-50dc8d1978a6)

Ruby developers report : RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to...

4.3CVSS8AI score0.03622EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2013/02/06 12:0 a.m.28 views

CVE-2013-0256

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS7.1AI score0.03622EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2013/02/06 12:0 a.m.35 views

Ruby -- XSS exploit of RDoc documentation generated by rdoc

Ruby developers report: RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to...

4.3CVSS5.6AI score0.03622EPSS
Exploits0
RubySec
RubySec
added 2013/02/06 12:0 a.m.27 views

CVE-2013-0256 rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

4.3CVSS5.1AI score0.03622EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder