215 matches found
[SECURITY] Fedora 18 Update: rubygem-rdoc-3.12-6.fc18
RDoc produces HTML and command-line documentation for Ruby projects. RDoc includes the +rdoc+ and +ri+ tools for generating and displaying online documentation. See RDoc for a description of RDoc's markup and basic use...
[SECURITY] Fedora 17 Update: rubygem-rdoc-3.12-5.fc17
RDoc produces HTML and command-line documentation for Ruby projects. RDoc includes the +rdoc+ and +ri+ tools for generating and displaying online documentation. See RDoc for a description of RDoc's markup and basic use...
rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
Moderate: Red Hat Security Advisory: rubygem packages security update
This update fixes one security issue in multiple rubygem packages for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
CVE-2013-0256
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
Cross site scripting
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
CVE-2013-0256
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
CVE-2013-0256
CVE-2013-0256 affects Ruby’s RDoc/darkfish.js: XSS via crafted URLs in RDoc-generated documentation. Affected: darkfish.js handling in RDoc versions 2.3.0–3.12 and 4.x before 4.0.0.preview2.1. Impact: remote script execution in the context of the user’s session when documentation is viewed over t...
PT-2013-2191 · Ruby +2 · Rdoc +3
Name of the Vulnerable Software and Affected Versions: RDoc versions 2.3.0 through 3.12 RDoc versions 4.x before 4.0.0.preview2.1 Description: The issue allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, due to improper document generation by darkfish.js in RDo...
FreeBSD : Ruby -- XSS exploit of RDoc documentation generated by rdoc (d3e96508-056b-4259-88ad-50dc8d1978a6)
Ruby developers report : RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to...
CVE-2013-0256
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...
Ruby -- XSS exploit of RDoc documentation generated by rdoc
Ruby developers report: RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to...
CVE-2013-0256 rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...