CVE-2023-25015
https://notcve.org/view.php?id=CVE-2023-25015
Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF. • https://github.com/ankane/clockwork_web/commit/ec2896503ee231588547c2fad4cb93a94e78f857 https://github.com/ankane/clockwork_web/compare/v0.1.1...v0.1.2 https://github.com/ankane/clockwork_web/issues/4 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2022-23520 – rails-html-sanitizer contains an incomplete fix for an XSS vulnerability
https://notcve.org/view.php?id=CVE-2022-23520
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both "select" and "style" elements. Code is only impacted if allowed tags are being overridden. This issue is patched in version 1.4.4. • https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-rrfc-7g8p-99q8 https://hackerone.com/reports/1654310 https://lists.debian.org/debian-lts-announce/2023/09/msg00012.html https://access.redhat.com/security/cve/CVE-2022-23520 https://bugzilla.redhat.com/show_bug.cgi?id=2153751 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-23519 – Possible XSS vulnerability with certain configurations of rails-html-sanitizer
https://notcve.org/view.php?id=CVE-2022-23519
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags in either of the following ways: allow both "math" and "style" elements, or allow both "svg" and "style" elements. Code is only impacted if allowed tags are being overridden. . This issue is fixed in version 1.4.4. All users overriding the allowed tags to include "math" or "svg" and "style" should either upgrade or use the following workaround immediately: Remove "style" from the overridden allowed tags, or remove "math" and "svg" from the overridden allowed tags. rails-html-sanitizer es responsable de sanitizar fragmentos HTML en aplicaciones Rails. • https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-9h9g-93gc-623h https://hackerone.com/reports/1656627 https://lists.debian.org/debian-lts-announce/2023/09/msg00012.html https://access.redhat.com/security/cve/CVE-2022-23519 https://bugzilla.redhat.com/show_bug.cgi?id=2153744 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-23518 – Improper neutralization of data URIs allows XSS in rails-html-sanitizer
https://notcve.org/view.php?id=CVE-2022-23518
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4. rails-html-sanitizer es responsable de sanitizar fragmentos HTML en aplicaciones Rails. Las versiones >= 1.0.3, < 1.4.4 son vulnerables a Cross-Site Scripting (XSS) a través de URI de datos cuando se usan en combinación con Loofah >= 2.1.0. Este problema está parcheado en la versión 1.4.4. • https://github.com/rails/rails-html-sanitizer/issues/135 https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-mcvf-2q2m-x72m https://hackerone.com/reports/1694173 https://lists.debian.org/debian-lts-announce/2023/09/msg00012.html https://access.redhat.com/security/cve/CVE-2022-23518 https://bugzilla.redhat.com/show_bug.cgi?id=2153701 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-23517 – Inefficient Regular Expression Complexity in rails-html-sanitizer
https://notcve.org/view.php?id=CVE-2022-23517
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer < 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue has been patched in version 1.4.4. rails-html-sanitizer es responsable de sanitizar fragmentos HTML en aplicaciones Rails. Ciertas configuraciones de rails-html-sanitizer < 1.4.4 utilizan una expresión regular ineficiente que es susceptible a un retroceso excesivo al intentar sanitizar ciertos atributos SVG. • https://github.com/rails/rails-html-sanitizer/commit/56c61c0cebd1e493e8ad7bca2a0191609a4a6979 https://github.com/rails/rails-html-sanitizer/security/advisories/GHSA-5x79-w82f-gw8w https://hackerone.com/reports/1684163 https://lists.debian.org/debian-lts-announce/2023/09/msg00012.html https://access.redhat.com/security/cve/CVE-2022-23517 https://bugzilla.redhat.com/show_bug.cgi?id=2153720 • CWE-1333: Inefficient Regular Expression Complexity •