Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 2 of 2 results

CVE-2023-31606

Medium priority

Some fixes available 5 of 6

A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

1 affected packages

ruby-redcloth

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ruby-redcloth Fixed Fixed Fixed Fixed
Show less packages

CVE-2012-6684

Medium priority
Ignored

Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI.

2 affected packages

redcloth, ruby-redcloth

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
redcloth Not in release Not in release
ruby-redcloth Not affected Not affected
Show less packages