GitLab

Created by: armorcodegithubpreprod[bot]

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted string. Vulnerable Software: cpe:2.3:a:jruby:jruby:1.0.0:rc2:::::: cpe:2.3:a:jruby:jruby:1.2.0:rc2:::::: cpe:2.3:a:jruby:jruby:1.3.0:rc2:::::: cpe:2.3:a:jruby:jruby:1.4.0:rc2:::::: cpe:2.3:a:jruby:jruby:1.1:b1:::::: cpe:2.3:a:jruby:jruby:0.9.9:::::::* cpe:2.3:a:jruby:jruby:1.0.2:::::::* cpe:2.3:a:jruby:jruby:1.0:::::::* cpe:2.3:a:jruby:jruby:1.1.2:::::::* cpe:2.3:a:jruby:jruby:1.1.5:::::::* cpe:2.3:a:jruby:jruby:1.2.0:::::::* cpe:2.3:a:jruby:jruby:1.1.3:::::::* cpe:2.3:a:jruby:jruby:1.4.0:rc3:::::: cpe:2.3:a:jruby:jruby:::::::: cpe:2.3:a:jruby:jruby:1.0.0:rc1:::::: cpe:2.3:a:jruby:jruby:1.2.0:rc1:::::: cpe:2.3:a:jruby:jruby:1.0.0:rc3:::::: cpe:2.3:a:jruby:jruby:1.1.1:::::::* cpe:2.3:a:jruby:jruby:1.1:::::::* cpe:2.3:a:jruby:jruby:1.1.4:::::::* cpe:2.3:a:jruby:jruby:0.9.1:::::::* cpe:2.3:a:jruby:jruby:1.0.1:::::::* cpe:2.3:a:jruby:jruby:0.9.8:::::::* cpe:2.3:a:jruby:jruby:1.3.0:rc1:::::: cpe:2.3:a:jruby:jruby:1.4.0:rc1:::::: cpe:2.3:a:jruby:jruby:0.9.2:::::::* cpe:2.3:a:jruby:jruby:1.3.1:::::::* cpe:2.3:a:jruby:jruby:1.0.3:::::::* cpe:2.3:a:jruby:jruby:1.1:rc3:::::: cpe:2.3:a:jruby:jruby:1.3.0:::::::* cpe:2.3:a:jruby:jruby:1.1.6:::::::* cpe:2.3:a:jruby:jruby:1.1:rc2:::::: cpe:2.3:a:jruby:jruby:1.1.6:rc1:::::: cpe:2.3:a:jruby:jruby:0.9.0:::::::* cpe:2.3:a:jruby:jruby:1.1:rc1::::::

File Path: \Profiles\ptrovatelli.m2\repository\org\jruby\jruby-complete\1.7.21\jruby-complete-1.7.21.jar\META-INF\jruby.home\lib\ruby\shared\readline\readline.jar

Finding Id : 10580010