Total
30543 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28362 | 1 Redhat | 1 Satellite | 2023-06-27 | 4.7 Medium |
| A Cross-site Scripting (XSS) vulnerability was found in Actionpack due to improper sanitization of user-supplied values. This allows provided values to contain characters that are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned location header. | ||||
| CVE-2023-23913 | 2023-03-20 | 7.5 High | ||
| A flaw was found in Rails. rails-ujs may allow an attacker to perform Cross-Site Scripting (XSS), which could lead to stolen information, phishing attacks, and other types of attacks. | ||||
| CVE-2023-28120 | 1 Redhat | 1 Logging | 2023-03-15 | 6.1 Medium |
| A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrusted user input, malicious code could be executed. | ||||