ruby-rdoc
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Command-line documentation generator for Ruby projects |
| Version | 6.4.0-4 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1901 | 6.3.0-3 | 6.3.1-1 | Medium | Fixed | |
| AVG-1041 | 6.1.1-1 | 6.1.2-1 | Medium | Fixed | FS#63978 |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-31799 | AVG-1901 | Medium | Yes | Arbitrary command execution | RDoc before version 6.3.1, as bundled with Ruby before version 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used to call Kernel#open to open a... |
| CVE-2015-9251 | AVG-1041 | Medium | Yes | Cross-site scripting | jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing... |
| CVE-2012-6708 | AVG-1041 | Medium | Yes | Cross-site scripting | jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 02 Oct 2019 | ASA-201910-4 | AVG-1041 | Medium | cross-site scripting |