Lucene search
RootSSV:61895HistoryMar 21, 2014 - 12:00 a.m.
Ruby rack-ssl Gem错误页面跨站脚本漏洞
2014-03-2100:00:00
Root
www.seebug.org
8
0.003 Low
EPSS
Percentile
65.6%
CVE ID:CVE-2014-2538
Ruby是跨平台、面向对象的动态类型编程语言。
由于某些关于错误页面的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。
0
rack-ssl gem for Ruby 1.x
rack-ssl gem for Ruby 1.4.0版本以修复此漏洞,建议用户下载使用:
https://github.com/josh/rack-ssl/commit/9d7d7300b907e496db68d89d07fbc2e0df0b487b
Related
nessus
nessus
Fedora 20 : rubygem-rack-ssl-1.3.2-9.fc20 (2014-4118)
2014-04-03 00:00:00
openSUSE Security Update : rubygem-rack-ssl (openSUSE-SU-2014:0515-1)
2014-06-13 00:00:00
openvas
openvas
Fedora Update for rubygem-rack-ssl FEDORA-2014-4118
2014-04-03 00:00:00
Fedora Update for rubygem-rack-ssl FEDORA-2014-4118
2014-04-03 00:00:00
Mageia: Security Advisory (MGASA-2014-0156)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2014-2538
2014-03-25 00:00:00
prion
prion
Cross site scripting
2014-03-25 18:21:00
cvelist
cvelist
CVE-2014-2538
2014-03-25 14:00:00
nvd
nvd
CVE-2014-2538
2014-03-25 18:21:48
osv
osv
rack-ssl Cross-site Scripting vulnerability
2017-10-24 18:33:36
mageia
mageia
Updated ruby-rack-ssl packages fix CVE-2014-2538
2014-04-03 17:23:20
github
github
rack-ssl Cross-site Scripting vulnerability
2017-10-24 18:33:36
debiancve
debiancve
CVE-2014-2538
2014-03-25 18:21:48
cve
cve
CVE-2014-2538
2014-03-25 18:21:48
fedora
fedora
[SECURITY] Fedora 20 Update: rubygem-rack-ssl-1.3.2-9.fc20
2014-04-02 09:19:53
rubygems
rubygems
CVE-2014-2538 rubygem rack-ssl: URL error display XSS
2013-07-08 20:00:00