Search for packages
| purl | pkg:gem/rdoc@4.0.0.preview2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-6q6r-ucwf-3ff7
Aliases: CVE-2012-6708 GHSA-2pqj-h3vj-pqgw |
The jQuery library, which is included in rdoc, is vulnerable to Cross-site Scripting (XSS) attacks. jQuery only deems the input to be HTML if it explicitly starts with the `<` character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common. |
Affected by 0 other vulnerabilities. |
|
VCID-84eq-cq89-9qhm
Aliases: CVE-2019-11358 GHSA-6c3j-c64m-qhgq |
Modification of Assumed-Immutable Data (MAID) Prototype pollution attack through jQuery $.extend |
Affected by 0 other vulnerabilities. |
|
VCID-ac75-ed1t-euc4
Aliases: CVE-2013-0256 GHSA-v2r9-c84j-v7xm OSV-90004 |
XSS exploit of RDoc documentation generated by rdoc This exploit may lead to cookie disclosure to third parties. The exploit exists in darkfish.js which is copied from the RDoc install location to the generated documentation. RDoc is a static documentation generation tool. Patching the library itself is insufficient to correct this exploit. |
Affected by 3 other vulnerabilities. |
|
VCID-r2sb-3qt6-myfh
Aliases: CVE-2015-9251 GHSA-rmxg-73gg-4p98 |
The jQuery library, which is included in rdoc, is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing `text/javascript` responses to be executed. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:20:59.601039+00:00 | GitLab Importer | Affected by | VCID-84eq-cq89-9qhm | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2019-11358.yml | 38.6.0 |
| 2026-06-04T20:10:53.523792+00:00 | GitLab Importer | Affected by | VCID-r2sb-3qt6-myfh | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2015-9251.yml | 38.6.0 |
| 2026-06-04T20:10:53.034248+00:00 | GitLab Importer | Affected by | VCID-6q6r-ucwf-3ff7 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2012-6708.yml | 38.6.0 |
| 2026-06-04T18:08:24.208983+00:00 | Ruby Importer | Affected by | VCID-ac75-ed1t-euc4 | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2013-0256.yml | 38.6.0 |
| 2026-06-02T04:36:07.720032+00:00 | GitLab Importer | Affected by | VCID-ac75-ed1t-euc4 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/rdoc/CVE-2013-0256.yml | 38.6.0 |