exploitDog

bind:CVE-2018-16471

Count: 9

ubuntu

CVE-2018-16471

about 7 years ago

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not be impacted, but applications that bypass the escaping mechanisms, or do not use them, may be vulnerable.

CVSS3: 6.1
EPSS: Low (0%)
redhat

CVE-2018-16471

more than 7 years ago

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not be impacted, but applications that bypass the escaping mechanisms, or do not use them, may be vulnerable.

CVSS3: 6.1
EPSS: Low (0%)
nvd

CVE-2018-16471

about 7 years ago

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not be impacted, but applications that bypass the escaping mechanisms, or do not use them, may be vulnerable.

CVSS3: 6.1
EPSS: Low (0%)
debian

CVE-2018-16471

about 7 years ago

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. ...

CVSS3: 6.1
EPSS: Low (0%)
suse-cvrf

openSUSE-SU-2019:1553-1

more than 6 years ago

Security update for rubygem-rack

EPSS: Low (0%)
github

GHSA-5r2p-j47h-mhpg

about 7 years ago

Rack vulnerable to Cross-site Scripting

CVSS3: 6.1
EPSS: Low (0%)
fstec

BDU:2019-03337

about 7 years ago

Vulnerability in the Rack module of the Ruby programming language interpreter that allows an attacker to affect data integrity

CVSS3: 6.1
EPSS: Low (0%)
suse-cvrf

openSUSE-SU-2020:0214-1

almost 6 years ago

Security update for rubygem-rack

EPSS: Low
suse-cvrf

SUSE-SU-2020:0359-1

about 6 years ago

Security update for rubygem-rack

EPSS: Low
