Lucene search
FreeBSD34E0316A-AA91-11DF-8C2E-001517289BF8HistoryAug 16, 2010 - 12:00 a.m.
ruby -- UTF-7 encoding XSS vulnerability in WEBrick
2010-08-1600:00:00
vuxml.freebsd.org
31
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
70.7%
The official ruby site reports:
WEBrick have had a cross-site scripting vulnerability that allows
an attacker to inject arbitrary script or HTML via a crafted URI.
This does not affect user agents that strictly implement HTTP/1.1,
however, some user agents do not.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| FreeBSD | any | noarch | ruby | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby | < 1.8.7.248_3,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads | < 1.8.7.248_3,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads+oniguruma | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+pthreads+oniguruma | < 1.8.7.248_3,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+oniguruma | = 1.8.*,1 | UNKNOWN |
| FreeBSD | any | noarch | ruby+oniguruma | < 1.8.7.248_3,1 | UNKNOWN |
Related
openvas
openvas
Fedora Update for ruby FEDORA-2010-13401
2010-12-02 00:00:00
Fedora Update for ruby FEDORA-2010-13387
2010-08-30 00:00:00
Fedora Update for ruby FEDORA-2010-13401
2010-12-02 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: ruby-1.8.7.302-1.fc14
2010-08-24 01:58:26
[SECURITY] Fedora 13 Update: ruby-1.8.6.399-6.fc13
2010-08-23 22:06:53
[SECURITY] Fedora 12 Update: ruby-1.8.6.399-6.fc12
2010-08-23 21:56:42
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-10 00:59:04
cve
cve
CVE-2010-0541
2010-06-17 16:30:01
nessus
nessus
Fedora 12 : ruby-1.8.6.399-6.fc12 (2010-13341)
2010-08-24 00:00:00
Fedora 13 : ruby-1.8.6.399-6.fc13 (2010-13387)
2010-08-24 00:00:00
prion
prion
Cross site scripting
2010-06-17 16:30:00
cvelist
cvelist
CVE-2010-0541
2010-06-17 16:00:00
nvd
nvd
CVE-2010-0541
2010-06-17 16:30:01
ubuntucve
ubuntucve
CVE-2010-0541
2010-06-17 00:00:00
rubygems
rubygems
CVE-2010-0541 Ruby WEBrick javascript injection flaw
2010-06-14 20:00:00
centos
centos
irb, ruby security update
2011-08-14 21:12:51
ruby security update
2011-06-30 16:28:46
redhat
redhat
(RHSA-2011:0908) Moderate: ruby security update
2011-06-28 00:00:00
(RHSA-2011:0909) Moderate: ruby security update
2011-06-28 00:00:00
securityvulns
securityvulns
ruby multiple security vulnerabilities
2011-05-25 00:00:00
[ MDVSA-2011:097 ] ruby
2011-05-25 00:00:00
oraclelinux
oraclelinux
ruby security update
2011-06-28 00:00:00
ruby security update
2011-06-28 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2012-02-28 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
70.7%
Related for 34E0316A-AA91-11DF-8C2E-001517289BF8