https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 05 May 2026 05:16:53 +0000 https://vulnerability.circl.lu/sighting/c367b498-9290-44c2-a392-98b0d88e2190/export {"uuid": "c367b498-9290-44c2-a392-98b0d88e2190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21636", "type": "seen", "source": "https://t.me/ctinow/163238", "content": "https://ift.tt/pFcoZQk\nCVE-2024-21636", "creation_timestamp": "2024-01-04T21:26:18.000000Z"} {"uuid": "c367b498-9290-44c2-a392-98b0d88e2190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21636", "type": "seen", "source": "https://t.me/ctinow/163238", "content": "https://ift.tt/pFcoZQk\nCVE-2024-21636", "creation_timestamp": "2024-01-04T21:26:18.000000Z"} https://vulnerability.circl.lu/sighting/c367b498-9290-44c2-a392-98b0d88e2190/export Thu, 04 Jan 2024 21:26:18 +0000 https://vulnerability.circl.lu/sighting/1a10beda-d859-4938-b913-1cae127119b0/export {"uuid": "1a10beda-d859-4938-b913-1cae127119b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21636", "type": "seen", "source": "https://t.me/cibsecurity/74430", "content": "\u203c\ufe0fCVE-2024-21636\u203c\ufe0f\n\nviewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. Versions prior to 3.9.0 have a crosssite scripting vulnerability that has the potential to impact anyone rendering a component directly from a controller with the viewcomponent gem. Note that only components that define a call method i.e. instead of using a sidecar template are affected. The return value of the call method is not sanitized and can include userdefined content. In addition, the return value of the outputpostamble methodis not sanitized, which can also lead to crosssite scripting issues. Versions 3.9.0 has been released and fully mitigates both the call and the outputpostamble vulnerabilities. As a workaround, sanitize the return value of call.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-05T01:35:14.000000Z"} {"uuid": "1a10beda-d859-4938-b913-1cae127119b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21636", "type": "seen", "source": "https://t.me/cibsecurity/74430", "content": "\u203c\ufe0fCVE-2024-21636\u203c\ufe0f\n\nviewcomponent is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. Versions prior to 3.9.0 have a crosssite scripting vulnerability that has the potential to impact anyone rendering a component directly from a controller with the viewcomponent gem. Note that only components that define a call method i.e. instead of using a sidecar template are affected. The return value of the call method is not sanitized and can include userdefined content. In addition, the return value of the outputpostamble methodis not sanitized, which can also lead to crosssite scripting issues. Versions 3.9.0 has been released and fully mitigates both the call and the outputpostamble vulnerabilities. As a workaround, sanitize the return value of call.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-05T01:35:14.000000Z"} https://vulnerability.circl.lu/sighting/1a10beda-d859-4938-b913-1cae127119b0/export Fri, 05 Jan 2024 01:35:14 +0000 https://vulnerability.circl.lu/sighting/0ea86193-5280-4c78-b6f8-f372962d85f3/export {"uuid": "0ea86193-5280-4c78-b6f8-f372962d85f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21636", "type": "seen", "source": "https://t.me/ctinow/166064", "content": "https://ift.tt/4JYjhRq\nCVE-2024-21636 Exploit", "creation_timestamp": "2024-01-10T19:17:01.000000Z"} {"uuid": "0ea86193-5280-4c78-b6f8-f372962d85f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21636", "type": "seen", "source": "https://t.me/ctinow/166064", "content": "https://ift.tt/4JYjhRq\nCVE-2024-21636 Exploit", "creation_timestamp": "2024-01-10T19:17:01.000000Z"} https://vulnerability.circl.lu/sighting/0ea86193-5280-4c78-b6f8-f372962d85f3/export Wed, 10 Jan 2024 19:17:01 +0000