rubygem-rack: denial of service in header parsing

A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service...

RHEL 9 : pcs (RHSA-2023:2652)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2652 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: webpack:...

Fedora: Security Advisory for rubygem-redcarpet (FEDORA-2023-8682a0e17d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rubygem-redcarpet (FEDORA-2023-44daa9c1d4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rubygem-redcarpet (FEDORA-2023-597f13ffb9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: pcs security and bug fix update

An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

[SECURITY] Fedora 38 Update: rubygem-redcarpet-3.3.2-26.fc38

A fast, safe and extensible Markdown to XHTML parser...

[SECURITY] Fedora 37 Update: rubygem-redcarpet-3.3.2-26.fc37

A fast, safe and extensible Markdown to XHTML parser...

[SECURITY] Fedora 36 Update: rubygem-redcarpet-3.3.2-26.fc36

A fast, safe and extensible Markdown to XHTML parser...

Important: pcs security and bug fix update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: pcs: webpack: Regression of CVE-2023-28154 fixes in the AlmaLinux CVE-2023-2319 rubygem-rack: Denial of service in Multipart MIME parsing CVE-2023-27530 rubygem-rack: denial of...

Fedora 38 : rubygem-redcarpet (2023-44daa9c1d4)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-44daa9c1d4 advisory. A security flow was found on redcarpet that escaping html was not properly done even if requested on some cases which may cause XSS vulnerability. This issue...

rubygem-actionpack: Possible cross-site scripting vulnerability in Action Pack

A flaw was found in rubygem-actionpack where CSP headers were sent with responses that Rails considered "HTML" responses. This flaw allows an attacker to leave API requests without CSP headers and perform a Cross-site scripting attack...

rubygem-loofah: Improper neutralization of data URIs leading to Cross Site Scripting

A Cross-site scripting vulnerability was found in rubygem loofah. While neutralizing certain data URIs, loofah is susceptible to Cross-site scripting attacks...

SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionview-5_1 (SUSE-SU-2023:2059-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2059-1 advisory. - In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting XSS vulnerability in Action View's...

SUSE-SU-2023:2059-1 Security update for rubygem-actionview-5_1

This update for rubygem-actionview-51 fixes the following issues: - CVE-2022-27777: Fixed possible cross-site scripting vulnerability in Action View tag helpers bsc1199060. - CVE-2020-15169: Fixed cross-site scripting in translation helpers bsc1176421. - CVE-2020-8167: Fixed CSRF vulnerability in...

Moderate: Red Hat Security Advisory: Logging Subsystem 5.6.5 - Red Hat OpenShift security update

Logging Subsystem 5.6.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...

rubygem-rack: denial of service in header parsing

A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service...

Moderate: Red Hat Security Advisory: pcs security and bug fix update

An update for pcs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: pcs security and bug fix update

An update for pcs is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

SUSE-SU-2023:1869-1 Security update for rubygem-rack

This update for rubygem-rack fixes the following issues: - CVE-2023-27539: Fixed denial of service in header parsing bsc1209503...