VYPR

rpm package

suse/rubygem-loofah&distro=SUSE OpenStack Cloud Crowbar 8

pkg:rpm/suse/rubygem-loofah&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208

Vulnerabilities (3)

  • CVE-2019-15587Oct 22, 2019
    affected < 2.0.2-3.11.1fixed 2.0.2-3.11.1

    In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

  • CVE-2018-16468Oct 30, 2018
    affected < 2.0.2-3.5.1fixed 2.0.2-3.5.1

    In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

  • CVE-2018-8048MedMar 27, 2018
    affected < 2.0.2-3.5.1fixed 2.0.2-3.5.1

    In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.