CVE-2021-38193

Опубликовано: 08 авг. 2021

Источник: debian

EPSS Низкий

Описание

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
rust-ammonia	fixed	3.1.2-1		package

Примечания

https://github.com/rust-ammonia/ammonia/commit/4b8426b89b861d9bea20e126576b0febb9d13515
https://rustsec.org/advisories/RUSTSEC-2021-0074.html

EPSS

Процентиль: 42%

0.00201

Низкий

Связанные уязвимости

CVE-2021-38193

CVSS3: 6.1

ubuntu

больше 4 лет назад

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.

CVE-2021-38193

CVSS3: 6.1

nvd

больше 4 лет назад

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.

GHSA-5325-xw5m-phm3

CVSS3: 6.1

github

больше 4 лет назад

Cross-site Scripting in ammonia

EPSS

Процентиль: 42%

0.00201

Низкий