67 matches found
Debian dla-3566 : ruby-rails-html-sanitizer - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3566 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3566-1 [email protected]...
Debian: Security Advisory (DLA-3566-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-3227-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3227-1] ruby-rails-html-sanitizer security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-3227-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 07, 2022 https://wiki.debian.org/LTS -...
Joruri Mail Authorization Issues Vulnerability
Joruri Mail is a set of IMAP e-mail client software written using Ruby/Rails . A security vulnerability exists in Joruri Mail 2.1.4 and earlier versions. An attacker can exploit this vulnerability to spoof arbitrary users and modify or disclose information...
Vulnerability Spotlight: Ruby Rails Gem XSS Vulnerabilities
Vulnerabilities discovered by Zachary Sanchez of Cisco ASIG Overview Talos has discovered two XSS vulnerabilities in Ruby Rails Gems. Rails is a Ruby framework designed to create web services or web pages. Ruby Gems is a package manager for distributing software packages as 'gems'. The two XSS...
Updated ruby-rails and associated packages fix multiple vulnerabilities
Updated ruby-activerecord and ruby-actionpack packages fix security vulnerabilities: There is a data injection vulnerability in Active Record. Specially crafted strings can be used to save data in PostgreSQL array columns that may not be intended CVE-2014-0080. There is an XSS vulnerability in th...