rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>

A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '', and ''...

Rocky Linux 8 : go-toolset:Rocky Linux8 (RLSA-2023:3319)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3319 advisory. - Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set \t...

CVE-2020-15049

An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace...

Cross site scripting

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "" HTML tags that contain a whitespace character, i.e: "", which results in the enclosed script logic to be executed...

CVE-2013-7085

Uscan in devscripts 2.13.5, when USCANEXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace character in a filename...