VYPR

rpm package

suse/rubygem-loofah&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/rubygem-loofah&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (2)

  • CVE-2018-16468Oct 30, 2018
    affected < 2.0.2-3.5.1fixed 2.0.2-3.5.1

    In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

  • CVE-2018-8048MedMar 27, 2018
    affected < 2.0.2-3.5.1fixed 2.0.2-3.5.1

    In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.