tfm-rubygem-text vulnerabilities

Known vulnerabilities in the tfm-rubygem-text package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Information Exposure	<0:1.3.0-7.el7sat
M Missing Authorization	<0:1.3.0-7.el7sat
M Information Exposure Through Log Files	<0:1.3.0-7.el7sat
H Improper Input Validation	<0:1.3.0-7.el7sat
H Cross-site Scripting (XSS)	<0:1.3.0-7.el7sat
M Information Exposure	<0:1.3.0-7.el7sat
M Incorrect Permission Assignment for Critical Resource	<0:1.3.0-7.el7sat
M Cleartext Storage of Sensitive Information	<0:1.3.0-7.el7sat
M Improper Authentication	<0:1.3.0-7.el7sat
H Improper Authorization	<0:1.3.0-7.el7sat
H Cleartext Transmission of Sensitive Information	<0:1.3.0-7.el7sat
H Improper Certificate Validation	<0:1.3.0-7.el7sat
H Insufficiently Protected Credentials	<0:1.3.0-7.el7sat
H Improper Authentication	<0:1.3.0-7.el7sat
M Cross-site Scripting (XSS)	<0:1.3.0-7.el7sat
H Information Exposure	<0:1.3.0-7.el7sat
M Information Exposure	<0:1.3.0-7.el7sat
H Incorrect Default Permissions	<0:1.3.0-7.el7sat
M SQL Injection	<0:1.3.0-7.el7sat
H Improperly Implemented Security Check for Standard	<0:1.3.0-7.el7sat
H Missing Authorization	<0:1.3.0-7.el7sat
H Improper Validation of Certificate with Host Mismatch	<0:1.3.0-7.el7sat
M Execution with Unnecessary Privileges	<0:1.3.0-7.el7sat
H HTTP Request Smuggling	<0:1.3.0-7.el7sat
M Resource Exhaustion	<0:1.3.0-7.el7sat
M Out-of-Bounds	<0:1.3.0-7.el7sat
M Information Exposure	<0:1.3.0-7.el7sat
M Cross-site Request Forgery (CSRF)	<0:1.3.0-7.el7sat
H Cross-site Scripting (XSS)	<0:1.3.0-7.el7sat
M Cross-site Request Forgery (CSRF)	<0:1.3.0-7.el7sat
H Improper Input Validation	<0:1.3.0-7.el7sat
M Cross-site Scripting (XSS)	<0:1.3.0-7.el7sat
M Improper Input Validation	<0:1.3.0-7.el7sat
M Improper Input Validation	<0:1.3.0-7.el7sat
H Eval Injection	<0:1.3.0-7.el7sat
H Directory Traversal	<0:1.3.0-7.el7sat
H HTTP Response Splitting	<0:1.3.0-7.el7sat
H Reliance on Untrusted Inputs in a Security Decision	<0:1.3.0-7.el7sat
M HTTP Response Splitting	<0:1.3.0-7.el7sat
H CVE-2018-3258	<0:1.3.0-7.el7sat
H Covert Timing Channel	<0:1.3.0-7.el7sat
M Covert Timing Channel	<0:1.3.0-7.el7sat
M Arbitrary Argument Injection	<0:1.3.0-7.el7sat
M Improper Neutralization of Special Elements	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
M Improper Neutralization of Special Elements	<0:1.3.0-7.el7sat
M Information Exposure	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat
M Use After Free	<0:1.3.0-7.el7sat
H Deserialization of Untrusted Data	<0:1.3.0-7.el7sat

Vulnerability

Vulnerable Version

Information Exposure

<0:1.3.0-7.el7sat

Missing Authorization

<0:1.3.0-7.el7sat

Information Exposure Through Log Files

<0:1.3.0-7.el7sat

Improper Input Validation

<0:1.3.0-7.el7sat

Cross-site Scripting (XSS)

<0:1.3.0-7.el7sat