VYPR
Medium severity6.1NVD Advisory· Published Mar 27, 2018· Updated Jun 17, 2026

CVE-2018-8048

CVE-2018-8048

Description

In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
loofahRubyGems
< 2.2.12.2.1
nokogiriRubyGems
< 1.8.31.8.3

Affected products

10

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.