VulnerableCode Package Details - pkg:deb/debian/ruby-i18n@0.6.9-1~bpo70%2B1

Search for packages

Vulnerability	Summary	Fixed by
VCID-65ha-wgr4-eqd4 Aliases: CVE-2013-4492 GHSA-r5hc-9xx5-97rw	Reflective XSS Vulnerability When a translation is missing, the HTML exception message raised does not escape the keys. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.	0.6.9-2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-sns8-17hs-vugu Aliases: CVE-2014-10077 GHSA-34hf-g744-jw64	Improper Input Validation `Hash#slice` in `lib/i18n/core_ext/hash.rb` in the i18n gem for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where `:some_key` is present in `keep_keys` but not present in the hash.	1.5.3-1+deb10u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-65ha-wgr4-eqd4
Aliases:
CVE-2013-4492
GHSA-r5hc-9xx5-97rw

Reflective XSS Vulnerability When a translation is missing, the HTML exception message raised does not escape the keys. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.

0.6.9-2
Affected by 1 other vulnerability.

VCID-sns8-17hs-vugu
Aliases:
CVE-2014-10077
GHSA-34hf-g744-jw64

Improper Input Validation `Hash#slice` in `lib/i18n/core_ext/hash.rb` in the i18n gem for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where `:some_key` is present in `keep_keys` but not present in the hash.

1.5.3-1+deb10u1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T21:42:56.941946+00:00	Debian Oval Importer	Affected by	VCID-65ha-wgr4-eqd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:38:18.487141+00:00	Debian Oval Importer	Affected by	VCID-sns8-17hs-vugu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T21:21:41.364487+00:00	Debian Oval Importer	Affected by	VCID-65ha-wgr4-eqd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:26:11.587440+00:00	Debian Oval Importer	Affected by	VCID-sns8-17hs-vugu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:00:21.844114+00:00	Debian Oval Importer	Affected by	VCID-65ha-wgr4-eqd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:20:37.648972+00:00	Debian Oval Importer	Affected by	VCID-sns8-17hs-vugu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0