ROS-20260506-73-0040

Vulnerability in rubygem-actionview due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

OESA-2024-1775 rubygem-actionview security update

Simple, battle-tested conventions and helpers for building web pages. Security Fixes: A flaw was found in Rails. rails-ujs may allow an attacker to perform Cross-Site Scripting XSS, which could lead to stolen information, phishing attacks, and other types of attacks.CVE-2023-23913...

OPENSUSE-SU-2024:10057-1 ruby2.2-rubygem-actionview-4_2-4.2.7.1-1.1 on GA media

These are all security issues fixed in the ruby2.2-rubygem-actionview-42-4.2.7.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11823-1 ruby3.1-rubygem-actionview-6.0-6.0.4.4-1.1 on GA media

These are all security issues fixed in the ruby3.1-rubygem-actionview-6.0-6.0.4.4-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionview-5_1 (SUSE-SU-2023:3813-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3813-1 advisory. - CVE-2023-23913: Fixed DOM Based Cross-site Scripting in rails-ujs bsc1209826. Tenable has extracted the preceding description block...

SUSE-SU-2023:3813-1 Security update for rubygem-actionview-5_1

This update for rubygem-actionview-51 fixes the following issues: - CVE-2023-23913: Fixed DOM Based Cross-site Scripting in rails-ujs bsc1209826...

Fedora: Security Advisory for rubygem-actionview (FEDORA-2023-4f0bb4ff5e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rubygem-actionview (FEDORA-2023-7002afbbb8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rubygem-actionview (FEDORA-2023-d6157bb1e2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:3860-1 Security update for rubygem-actionview-4_2

This update for rubygem-actionview-42 fixes the following issues: - CVE-2022-27777: Fixed cross-site scripting vulnerability in Action View tag helpers bsc1199060...

CVE-2022-27777

A flaw was found in rubygem-actionview when untrusted data such as the hash key for tag attributes are not properly escaped. This flaw allows an attacker to perform a Cross-site scripting attack...

OESA-2021-1180 rubygem-actionview security update

Simple, battle-tested conventions and helpers for building web pages. Security Fixes: In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting XSS vulnerability in Action View s translation helpers. Views that allow the user to control the default not found val...

Fedora: Security Advisory for rubygem-actionview (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2020:2686-1 Security update for rubygem-actionview-4_2

This update for rubygem-actionview-42 fixes the following issues: - CVE-2020-15169: Fix cross-site scripting in translation helpers bsc1176421...

SUSE-SU-2020:2140-1 Security update for rubygem-actionview-4_2

This update for rubygem-actionview-42 fixes the following issues: - Fixed a potential remote code execution of user-provided local names bsc1173144, CVE-2020-8163...

CVE-2020-8167

A flaw was found in rubygem-actionview. A regression of CVE-2015-1840 causes Rails-ujs to send CSRF tokens to wrong domains. The highest threat from this vulnerability is to data integrity...

openSUSE: Security Advisory for rubygem-actionview-5_1 (openSUSE-SU-2020:0627-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for rubygem-actionview-5_1 (moderate)

openSUSE Security Update: Security update for rubygem-actionview-51 Announcement ID: openSUSE-SU-2020:0627-1 Rating: moderate References: 1167240 Cross-References: CVE-2020-5267 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update...

openSUSE Security Update : rubygem-actionview-5_1 (openSUSE-2020-627)

This update for rubygem-actionview-51 fixes the following issues : - CVE-2020-5267: Fixed an XSS vulnerability in ActionView's JavaScript literal escape helpers bsc1167240. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text a...

SUSE SLED15 / SLES15 Security Update : rubygem-actionview-5_1 (SUSE-SU-2020:1178-1)

This update for rubygem-actionview-51 fixes the following issues : CVE-2020-5267: Fixed an XSS vulnerability in ActionView's JavaScript literal escape helpers bsc1167240. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...