Oval Definition:oval:org.opensuse.security:def:20208264
Revision Date:2022-06-30Version:1
Title:CVE-2020-8264
Description:

In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to send or embed (in another page) a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local application. This vulnerability is in the Actionable Exceptions middleware.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-8264
SUSE CVE-2020-8264
Platform(s):openSUSE Tumbleweed
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND rubygem-actionpack-4_2 is not affected
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ruby2.1-rubygem-actionpack-4_2 is not affected
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND ruby2.1-rubygem-actionpack-4_2 is not affected
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • ruby2.7-rubygem-actioncable-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-actionmailbox-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-actionmailer-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-actionpack-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-actiontext-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-actionview-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-activejob-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-activemodel-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-activerecord-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-activestorage-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-activesupport-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-rails-6.0-6.0.4-1.2 is installed
  • OR ruby2.7-rubygem-railties-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-actioncable-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-actionmailbox-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-actionmailer-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-actionpack-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-actiontext-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-actionview-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-activejob-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-activemodel-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-activerecord-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-activestorage-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-activesupport-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-rails-6.0-6.0.4-1.2 is installed
  • OR ruby3.0-rubygem-railties-6.0-6.0.4-1.2 is installed
  • OR ruby3.1-rubygem-actioncable-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-actionmailbox-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-actionmailer-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-actionpack-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-actiontext-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-actionview-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-activejob-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-activemodel-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-activerecord-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-activestorage-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-activesupport-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-rails-6.0-6.0.4.4-1.1 is installed
  • OR ruby3.1-rubygem-railties-6.0-6.0.4.4-1.1 is installed
    • BACK