Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
satellite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47318
ruby-git versions prior to v1.13.0 allows a remote authenticated malicious user to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46648.
Ruby-git Project Ruby-git
Debian Debian Linux 10.0
Fedoraproject Fedora 37
NA
CVE-2022-40899
An issue discovered in Python Charmers Future 0.18.2 and previous versions allows remote malicious users to cause a denial of service via crafted Set-Cookie header from malicious web server.
Pythoncharmers Python-future
NA
CVE-2022-4130
A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server.
Redhat Satellite 6.11
Redhat Satellite 6.9
Redhat Satellite 6.10
NA
CVE-2022-23520
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allo...
Rubyonrails Rails Html Sanitizers
Debian Debian Linux 10.0
2 Github repositories
NA
CVE-2022-23517
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer < 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attribute...
Rubyonrails Rails Html Sanitizers
Debian Debian Linux 10.0
NA
CVE-2022-23518
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.
Rubyonrails Rails Html Sanitizers
Debian Debian Linux 10.0
Loofah Project Loofah
NA
CVE-2022-23519
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an malicious user to inject content if the application developer has overr...
Rubyonrails Rails Html Sanitizers
Debian Debian Linux 10.0
NA
CVE-2022-23514
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah < 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes...
Loofah Project Loofah
NA
CVE-2022-23515
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.
Loofah Project Loofah
Debian Debian Linux 10.0
NA
CVE-2022-23516
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError excepti...
Loofah Project Loofah
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »