[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Nokogiri security update v1.10.3
From: Mike Dalessio <mike.dalessio () gmail ! com>
Date: 2019-04-23 14:05:50
Message-ID: CAGJbjKad9c-kqKS9B3rqYfOsRwwvYRW7CftF1f5uyCxUs3vVpA () mail ! gmail ! com
[Download RAW message or body]
Florian, thanks for the clarification.
NVD indicates that this is a CVSS v3.0 severity "9.8: Critical".
Here are permalinks:
- NVD entry:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068#vulnCurrentDescriptionTitle
- expanded CVSS 3.0 score:
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2019-11068&vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-m
On Tue, Apr 23, 2019 at 5:00 AM Florian Weimer <fweimer@redhat.com> wrote:
> * Mike Dalessio:
>
> > This is a security release. It addresses a CVE in upstream libxslt rated
> as
> > "Priority: medium" by Canonical, and "NVD Severity: high" by Debian. More
> > details are available below.
>
> Note that the Debian security tracker only relays what NVD provides in
> this field. It is not updated if a separate review yields different
> results.
>
> Thanks,
> Florian
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic