rpm package
suse/rubygem-redcarpet&distro=SUSE OpenStack Cloud Crowbar 8
pkg:rpm/suse/rubygem-redcarpet&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41136 | — | < 3.2.3-3.3.1 | 3.2.3-3.3.1 | Oct 12, 2021 | Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the p | ||
| CVE-2020-26298 | — | < 3.2.3-3.3.1 | 3.2.3-3.3.1 | Jan 11, 2021 | Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the |
- CVE-2021-41136Oct 12, 2021affected < 3.2.3-3.3.1fixed 3.2.3-3.3.1
Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smugggling. A client could smuggle a request through a proxy, causing the p
- CVE-2020-26298Jan 11, 2021affected < 3.2.3-3.3.1fixed 3.2.3-3.3.1
Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the