ruby-rdoc

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Command-line documentation generator for Ruby projects
Version 6.4.0-2 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1901 6.3.0-3 6.3.1-1 Medium Fixed
AVG-1041 6.1.1-1 6.1.2-1 Medium Fixed FS#63978
Issue Group Severity Remote Type Description
CVE-2021-31799 AVG-1901 Medium Yes Arbitrary command execution
RDoc before version 6.3.1, as bundled with Ruby before version 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used to call Kernel#open to open a...
CVE-2015-9251 AVG-1041 Medium Yes Cross-site scripting
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing...
CVE-2012-6708 AVG-1041 Medium Yes Cross-site scripting
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a...

Advisories

Date Advisory Group Severity Type
02 Oct 2019 ASA-201910-4 AVG-1041 Medium cross-site scripting