VYPR

rpm package

suse/rubygem-redcarpet&distro=SUSE OpenStack Cloud Crowbar 8

pkg:rpm/suse/rubygem-redcarpet&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208

Vulnerabilities (2)

  • CVE-2021-41136Oct 12, 2021
    affected < 3.2.3-3.3.1fixed 3.2.3-3.3.1

    Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the p

  • CVE-2020-26298Jan 11, 2021
    affected < 3.2.3-3.3.1fixed 3.2.3-3.3.1

    Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the