49 matches found

Redos
added 2026/05/06 12:0 a.m., 3 views

ROS-20260506-73-0040

Vulnerability in rubygem-actionview due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 2.3, AI score 6.2, EPSS 0.00026
Exploits 0

OSV
added 2024/06/28 11:8 a.m., 3 views

OESA-2024-1775 rubygem-actionview security update

Simple, battle-tested conventions and helpers for building web pages. Security Fixes: A flaw was found in Rails. rails-ujs may allow an attacker to perform Cross-Site Scripting (XSS), which could lead to stolen information, phishing attacks, and other types of attacks. CVE-2023-23913...

CVSS 6.3, AI score 6.2, EPSS 0.00207
Exploits 0, References 2

OSV
added 2024/06/15 12:0 a.m., 19 views

OPENSUSE-SU-2024:11823-1 ruby3.1-rubygem-actionview-6.0-6.0.4.4-1.1 on GA media

These are all security issues fixed in the ruby3.1-rubygem-actionview-6.0-6.0.4.4-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5, AI score 6.9, EPSS 0.94318
Exploits 21, References 5

OSV
added 2024/06/15 12:0 a.m., 15 views

OPENSUSE-SU-2024:10057-1 ruby2.2-rubygem-actionview-4_2-4.2.7.1-1.1 on GA media

These are all security issues fixed in the ruby2.2-rubygem-actionview-4_2-4.2.7.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5, AI score 7.2, EPSS 0.86668
Exploits 7, References 1

Tenable Nessus
added 2023/09/28 12:0 a.m., 27 views

SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionview-5_1 (SUSE-SU-2023:3813-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3813-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVE...

CVSS 6.3, AI score 6.2, EPSS 0.00207
Exploits 0, References 4

OSV
added 2023/09/27 3:36 p.m., 3 views

SUSE-SU-2023:3813-1 Security update for rubygem-actionview-5_1

This update for rubygem-actionview-5_1 fixes the following issues: - CVE-2023-23913: Fixed DOM Based Cross-site Scripting in rails-ujs bsc1209826...

CVSS 6.3, AI score 6.1, EPSS 0.00207
Exploits 0, References 3

OpenVAS
added 2023/09/16 12:0 a.m., 7 views

Fedora: Security Advisory for rubygem-actionview (FEDORA-2023-4f0bb4ff5e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits 0, References 2

OpenVAS
added 2023/04/06 12:0 a.m., 12 views

Fedora: Security Advisory for rubygem-actionview (FEDORA-2023-7002afbbb8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3, AI score 7.7, EPSS 0.00406
Exploits 0, References 2

OpenVAS
added 2023/04/02 12:0 a.m., 22 views

Fedora: Security Advisory for rubygem-actionview (FEDORA-2023-d6157bb1e2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3, AI score 7.7, EPSS 0.00406
Exploits 0, References 2

OSV
added 2022/11/03 6:26 a.m., 4 views

SUSE-SU-2022:3860-1 Security update for rubygem-actionview-4_2

This update for rubygem-actionview-4_2 fixes the following issues: - CVE-2022-27777: Fixed cross-site scripting vulnerability in Action View tag helpers bsc1199060...

CVSS 6.1, AI score 7.3, EPSS 0.00852
Exploits 1, References 3

RedhatCVE
added 2022/04/29 1:42 p.m., 33 views

CVE-2022-27777

A flaw was found in rubygem-actionview when untrusted data such as the hash key for tag attributes are not properly escaped. This flaw allows an attacker to perform a Cross-site scripting attack...

CVSS 7.5, AI score 2.6, EPSS 0.00852
Exploits 1, References 4

OSV
added 2021/05/15 11:2 a.m., 1 views

OESA-2021-1180 rubygem-actionview security update

Simple, battle-tested conventions and helpers for building web pages. Security Fixes: In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default not found val...

CVSS 6.1, AI score 5.3, EPSS 0.01184
Exploits 0, References 2

OpenVAS
added 2020/10/05 12:0 a.m., 20 views

Fedora: Security Advisory for rubygem-actionview (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

AI score 6.1
Exploits 0, References 2

OSV
added 2020/09/21 8:54 a.m., 7 views

SUSE-SU-2020:2686-1 Security update for rubygem-actionview-4_2

This update for rubygem-actionview-4_2 fixes the following issues: - CVE-2020-15169: Fix cross-site scripting in translation helpers bsc1176421...

CVSS 6.1, AI score 7.4, EPSS 0.01184
Exploits 0, References 3

OSV
added 2020/08/06 9:5 a.m., 9 views

SUSE-SU-2020:2140-1 Security update for rubygem-actionview-4_2

This update for rubygem-actionview-4_2 fixes the following issues: - Fixed a potential remote code execution of user-provided local names bsc1173144, CVE-2020-8163...

CVSS 8.8, AI score 8.9, EPSS 0.91071
Exploits 10, References 3

RedhatCVE
added 2020/06/02 5:53 p.m., 48 views

CVE-2020-8167

A flaw was found in rubygem-actionview. A regression of CVE-2015-1840 causes Rails-ujs to send CSRF tokens to wrong domains. The highest threat from this vulnerability is to data integrity...

CVSS 5, AI score 7.7, EPSS 0.00427
Exploits 2, References 4

OpenVAS
added 2020/05/12 12:0 a.m., 25 views

openSUSE: Security Advisory for rubygem-actionview-5_1 (openSUSE-SU-2020:0627-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 4.8, AI score 6.2, EPSS 0.00887
Exploits 1, References 2

Tenable Nessus
added 2020/05/11 12:0 a.m., 39 views

SUSE SLED15 / SLES15 Security Update : rubygem-actionview-5_1 (SUSE-SU-2020:1178-1)

This update for rubygem-actionview-5_1 fixes the following issues : CVE-2020-5267: Fixed an XSS vulnerability in ActionView's JavaScript literal escape helpers bsc1167240. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

CVSS 4.8, AI score 6.3, EPSS 0.00887
Exploits 1, References 4

Tenable Nessus
added 2020/05/11 12:0 a.m., 35 views

openSUSE Security Update : rubygem-actionview-5_1 (openSUSE-2020-627)

This update for rubygem-actionview-5_1 fixes the following issues : - CVE-2020-5267: Fixed an XSS vulnerability in ActionView's JavaScript literal escape helpers bsc1167240. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text a...

CVSS 4.8, AI score 6.2, EPSS 0.00887
Exploits 1, References 2

OPENSUSE Linux
added 2020/05/11 12:0 a.m., 68 views

Security update for rubygem-actionview-5_1 (moderate)

openSUSE Security Update: Security update for rubygem-actionview-5_1 Announcement ID: openSUSE-SU-2020:0627-1 Rating: moderate References: 1167240 Cross-References: CVE-2020-5267 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update...

CVSS 4.8, AI score 6.4, EPSS 0.00887
Exploits 1, References 1