exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-27285

больше 1 года назад

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.

CVSS3: 5.4

EPSS: Низкий

CVE-2024-27285

больше 1 года назад

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.

CVSS3: 5.4

EPSS: Низкий

CVE-2024-27285

больше 1 года назад

YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.

CVSS3: 5.4

EPSS: Низкий

CVE-2024-27285

больше 1 года назад

YARD is a Ruby Documentation tool. The "frames.html" file within the Y ...

CVSS3: 5.4

EPSS: Низкий

ROS-20240711-01

12 месяцев назад

Уязвимость rubygem-yard

CVSS3: 5.4

EPSS: Низкий

GHSA-8mq4-9jjh-9xrc

больше 1 года назад

YARD's default template vulnerable to Cross-site Scripting in generated frames.html

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-27285 YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.	CVSS3: 5.4	2% Низкий	больше 1 года назад
CVE-2024-27285 YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.	CVSS3: 5.4	2% Низкий	больше 1 года назад
CVE-2024-27285 YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in 0.9.36.	CVSS3: 5.4	2% Низкий	больше 1 года назад
CVE-2024-27285 YARD is a Ruby Documentation tool. The "frames.html" file within the Y ...	CVSS3: 5.4	2% Низкий	больше 1 года назад
ROS-20240711-01 Уязвимость rubygem-yard	CVSS3: 5.4	2% Низкий	12 месяцев назад
GHSA-8mq4-9jjh-9xrc YARD's default template vulnerable to Cross-site Scripting in generated frames.html	CVSS3: 5.4	2% Низкий	больше 1 года назад

Уязвимостей на страницу