logo
DATABASE RESOURCES PRICING ABOUT US

Moderate severity vulnerability that affects loofah

Description

In the Loofah gem for Ruby, through version 2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. Users are advised to upgrade to version 2.2.3. See https://github.com/flavorjones/loofah/issues/154 for more details.


Affected Software


CPE Name Name Version
loofah 0.2.0
loofah 0.2.1
loofah 0.2.2
loofah 0.3.0
loofah 0.3.1
loofah 0.4.0
loofah 0.4.1
loofah 0.4.2
loofah 0.4.3
loofah 0.4.4
loofah 0.4.5
loofah 0.4.6
loofah 0.4.7
loofah 1.0.0
loofah 1.0.0.beta.1
loofah 1.1.0
loofah 1.2.0
loofah 1.2.1
loofah 2.0.0
loofah 2.0.1
loofah 2.0.2
loofah 2.0.3
loofah 2.1.0
loofah 2.1.0.rc1
loofah 2.1.0.rc2
loofah 2.1.1
loofah 2.2.0
loofah 2.2.1
loofah 2.2.2

Related