14 matches found

OSV
added 2023/10/20 8:34 a.m. | 9 views

MGASA-2023-0291 Updated ruby-RedCloth packages fix a security vulnerability

A Regular Expression Denial of Service (ReDoS) issue was discovered in the `sanitize_html` function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. CVE-2023-31606...

CVSS 7.5 | AI score 7.3 | EPSS 0.01513
Exploits: 1 | References: 3

Mageia
added 2023/10/20 8:34 a.m. | 39 views

Updated ruby-RedCloth packages fix a security vulnerability

A Regular Expression Denial of Service (ReDoS) issue was discovered in the `sanitize_html` function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. CVE-2023-31606...

CVSS 7.5 | AI score 6.8 | EPSS 0.01513
Exploits: 1 | References: 2

OpenVAS
added 2023/10/20 12:0 a.m. | 13 views

Mageia: Security Advisory (MGASA-2023-0291)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 | AI score 7.6 | EPSS 0.01513
Exploits: 1 | References: 4

BDU FSTEC
added 2023/09/25 12:0 a.m. | 4 views

The vulnerability of the `sanitize_html` function in Ruby Redcloth software allows a hacker to cause a service failure.

The vulnerability of the `sanitize_html` function in Ruby Redcloth text processing software is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause service interruptions remotely...

CVSS 7.8 | AI score 7.1 | EPSS 0.01513
Exploits: 1 | References: 8 | Affected Software: 4

OpenVAS
added 2023/09/13 12:0 a.m. | 9 views

Ubuntu: Security Advisory (USN-6358-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 | AI score 7.6 | EPSS 0.01513
Exploits: 1 | References: 2

OpenVAS
added 2023/07/18 12:0 a.m. | 10 views

Debian: Security Advisory (DLA-3480-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 7.5 | AI score 7.6 | EPSS 0.01513
Exploits: 1 | References: 4

Tenable Nessus
added 2023/07/18 12:0 a.m. | 12 views

Debian dla-3480 : ruby-redcloth - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3480 advisory. Debian LTS Advisory DLA-3480-1 https://www.debian.org/lts/security/...

CVSS 7.5 | AI score 7.2 | EPSS 0.01513
Exploits: 1 | References: 4

Debian
added 2023/07/06 10:9 p.m. | 14 views

[SECURITY] [DLA 3480-1] ruby-redcloth security update

Debian LTS Advisory DLA-3480-1 https://www.debian.org/lts/security/ Bastien Roucariès July 06, 2023 https://wiki.debian.org/LTS ...

CVSS 7.5 | AI score 7.2 | EPSS 0.01513
Exploits: 1

OSV
added 2023/07/06 12:0 a.m. | 13 views

DLA-3480-1 ruby-redcloth - security update

Bulletin has no description...

CVSS 7.5 | AI score 7.3 | EPSS 0.01513
Exploits: 1

securityvulns
added 2015/03/23 12:0 a.m. | 63 views

[SECURITY] [DSA 3168-1] ruby-redcloth security update

Debian Security Advisory DSA-3168-1 http://www.debian.org/security/ Sebastien Delafond February 22, 2015 http://www.debian.org/security/faq ...

CVSS 4.3 | AI score 2 | EPSS 0.02253
Exploits: 1

Tenable Nessus
added 2015/02/24 12:0 a.m. | 26 views

Debian DSA-3168-1 : ruby-redcloth - security update

Kousuke Ebihara discovered that redcloth, a Ruby module used to convert Textile markup to HTML, did not properly sanitize its input. This allowed a remote attacker to perform a cross-site scripting attack by injecting arbitrary JavaScript code into the generated HTML. ...

CVSS 4.3 | AI score 8.4 | EPSS 0.02253
Exploits: 1 | References: 4

Debian
added 2015/02/22 6:2 p.m. | 21 views

[SECURITY] [DSA 3168-1] ruby-redcloth security update

Debian Security Advisory DSA-3168-1 http://www.debian.org/security/ Sebastien Delafond February 22, 2015 http://www.debian.org/security/faq ...

CVSS 4.3 | AI score 2.6 | EPSS 0.02253
Exploits: 1

OpenVAS
added 2015/02/22 12:0 a.m. | 18 views

Debian Security Advisory DSA 3168-1 (ruby-redcloth - security update)

Kousuke Ebihara discovered that redcloth, a Ruby module used to convert Textile markup to HTML, did not properly sanitize its input. This allowed a remote attacker to perform a cross-site scripting attack by injecting arbitrary JavaScript code into the generated HTML. OpenVAS Vulnerability Test...

CVSS 4.3 | EPSS 0.02253
Exploits: 1 | References: 1

OpenVAS
added 2015/02/21 12:0 a.m. | 23 views

Debian: Security Advisory (DSA-3168-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 4.3 | AI score 9.5 | EPSS 0.02253
Exploits: 1 | References: 3