[FREEBSD:ED8D5535-CA78-11E9-980B-999FF59C22EA] RDoc -- multiple jQuery vulnerabilities
Severity
Medium
Affected Packages
2
CVEs
2
Ruby news:
There are multiple vulnerabilities about Cross-Site Scripting (XSS) in
jQuery shipped with RDoc which bundled in Ruby. All Ruby users are
recommended to update Ruby to the latest release which includes the
fixed version of RDoc.
The following vulnerabilities have been reported.
CVE-2012-6708
CVE-2015-9251
Package | Affected Version |
---|---|
pkg:freebsd/rubygem-rdoc | < 6.1.2 |
pkg:freebsd/ruby | < 2.4.7,1 |
- ID
- FREEBSD:ED8D5535-CA78-11E9-980B-999FF59C22EA
- Severity
- medium
- Severity from
- CVE-2012-6708
- URL
- http://vuxml.freebsd.org/freebsd/ed8d5535-ca78-11e9-980b-999ff59c22ea.html
- Published
-
2019-08-28T00:00:00
(5 years ago) - Modified
-
2019-08-29T00:00:00
(5 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS-2020-1422
- ALAS2-2020-1519
- ALPINE:CVE-2012-6708
- ALPINE:CVE-2015-9251
- ALSA-2020:4670
- ALSA-2020:4847
- ASA-201910-4
- ELSA-2020-3936
- FREEBSD:416CA0F4-3FE0-11E9-BBDD-6805CA0B3D42
- MAVEN:GHSA-2PQJ-H3VJ-PQGW
- MAVEN:GHSA-RMXG-73GG-4P98
- NPM:GHSA-2PQJ-H3VJ-PQGW
- NPM:GHSA-RMXG-73GG-4P98
- openSUSE-SU-2020:0395-1
- RHSA-2020:3936
- RHSA-2020:4670
- RHSA-2020:4847
- RLSA-2020:4670
- RLSA-2020:4847
- RUBYSEC:JQUERY-RAILS-2012-6708
- RUBYSEC:JQUERY-RAILS-2015-9251
- SUSE-SU-2020:0737-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://www.ruby-lang.org/en/news/2019/08/28/multiple-jquery-vulnerabilities-in-rdoc/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/rubygem-rdoc | rubygem-rdoc | < 6.1.2 | ||||
Affected | pkg:freebsd/ruby | ruby | < 2.4.7,1 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |