|
|
Log in / Subscribe / Register

rubygem-rdoc: cross-site scripting

Package(s):rubygem-rdoc CVE #(s):CVE-2013-0256
Created:February 15, 2013 Updated:May 8, 2013
Description:

From the Ruby advisory:

RDoc documentation generated by rdoc bundled with ruby are vulnerable to an XSS exploit. All ruby users are recommended to update ruby to newer version which includes security-fixed RDoc. If you are publishing RDoc documentation generated by rdoc, you are recommended to apply a patch for the documentaion or re-generate it with security-fixed RDoc.

RDoc documentation generated by rdoc 2.3.0 through rdoc 3.12 and prereleases up to rdoc 4.0.0.preview2.1 are vulnerable to an XSS exploit. This exploit may lead to cookie disclosure to third parties.

Alerts:
Debian-LTS DLA-235-1 ruby1.9.1 2015-05-30
Fedora FEDORA-2013-2143 rubygem-rdoc 2013-05-07
Fedora FEDORA-2013-2131 rubygem-rdoc 2013-05-07
Red Hat RHSA-2013:0728-01 rubygem 2013-04-09
SUSE SUSE-SU-2013:0647-1 Ruby 1.9 2013-04-09
Red Hat RHSA-2013:0701-01 ruby193-ruby 2013-04-02
openSUSE openSUSE-SU-2013:0376-1 ruby19 2013-03-01
Ubuntu USN-1733-1 ruby1.9.1 2013-02-21
openSUSE openSUSE-SU-2013:0303-1 rubygem-rdoc 2013-02-15
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds