VYPR

rpm package

suse/rubygem-loofah&distro=SUSE OpenStack Cloud Crowbar 9

pkg:rpm/suse/rubygem-loofah&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Vulnerabilities (2)

  • CVE-2019-15587Oct 22, 2019
    affected < 2.0.2-3.11.1fixed 2.0.2-3.11.1

    In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

  • CVE-2018-8048MedMar 27, 2018
    affected < 2.0.2-3.8.1fixed 2.0.2-3.8.1

    In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.