ruby-rdoc
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | Command-line documentation generator for Ruby projects |
Version | 6.6.3.1-2 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1901 | 6.3.0-3 | 6.3.1-1 | Medium | Fixed | |
AVG-1041 | 6.1.1-1 | 6.1.2-1 | Medium | Fixed | FS#63978 |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2021-31799 | AVG-1901 | Medium | Yes | Arbitrary command execution | RDoc before version 6.3.1, as bundled with Ruby before version 2.7.4 and 2.6.8 as well as GitLab before version 14.0.2, used to call Kernel#open to open a... |
CVE-2015-9251 | AVG-1041 | Medium | Yes | Cross-site scripting | jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing... |
CVE-2012-6708 | AVG-1041 | Medium | Yes | Cross-site scripting | jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a... |
Advisories
Date | Advisory | Group | Severity | Type |
---|---|---|---|---|
02 Oct 2019 | ASA-201910-4 | AVG-1041 | Medium | cross-site scripting |