pkg:gem/phlex
Type
gem
Name
phlex
Known advisories, vulnerabilities and fixes for phlex package.
- Repository
- https://rubygems.org/gems/phlex
High
4
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 1.9.1 |
CVE-2024-28199
|
RUBYSEC:PHLEX-2024-28199 | Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex | high |
2024-03-12T00:00:00
(6 months ago) |
|
Fixed | = 1.0.1 = 1.1.1 = 1.2.2 = 1.3.3 = 1.4.1 = 1.5.2 = 1.6.2 = 1.7.1 = 1.8.2 >= 1.9.1 |
CVE-2024-28199
|
RUBYSEC:PHLEX-2024-28199 | Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex | high |
2024-03-12T00:00:00
(6 months ago) |
|
Affected | < 1.10.1 |
CVE-2024-32463
|
RUBYSEC:PHLEX-2024-32463 | Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags | high |
2024-04-16T00:00:00
(5 months ago) |
|
Fixed | = 1.4.2 = 1.5.3 = 1.6.3 = 1.7.2 = 1.8.3 = 1.9.2 >= 1.10.1 |
CVE-2024-32463
|
RUBYSEC:PHLEX-2024-32463 | Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags | high |
2024-04-16T00:00:00
(5 months ago) |
|
Affected | < 1.10.2 |
CVE-2024-32970
|
RUBYSEC:PHLEX-2024-32970 | Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values | high |
2024-05-01T00:00:00
(4 months ago) |
|
Fixed | = 1.9.3 >= 1.10.2 |
CVE-2024-32970
|
RUBYSEC:PHLEX-2024-32970 | Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values | high |
2024-05-01T00:00:00
(4 months ago) |
|
Affected | < 1.10.1 | RUBYSEC:PHLEX-G7XQ-XV8C-H98C | Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags | high |
2024-04-16T00:00:00
(5 months ago) |
||
Fixed | = 1.4.2 = 1.5.3 = 1.6.3 = 1.7.2 = 1.8.3 = 1.9.2 >= 1.10.1 | RUBYSEC:PHLEX-G7XQ-XV8C-H98C | Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags | high |
2024-04-16T00:00:00
(5 months ago) |