crates.io package
ammonia
pkg:cargo/ammonia
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-38193 | — | >= 3.0.0, < 3.1.0 | 3.1.0 | Aug 8, 2021 | An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870. | ||
| CVE-2019-15542 | — | < 2.1.0 | 2.1.0 | Aug 26, 2019 | An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization. |
- CVE-2021-38193Aug 8, 2021affected >= 3.0.0, < 3.1.0fixed 3.1.0
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.
- CVE-2019-15542Aug 26, 2019affected < 2.1.0fixed 2.1.0
An issue was discovered in the ammonia crate before 2.1.0 for Rust. There is uncontrolled recursion during HTML DOM tree serialization.