227 matches found
Astra Linux - vulnerability in ruby-rails-html-sanitizer
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a...
Astra Linux - vulnerability in ruby-rails-html-sanitizer
Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there was a potential XSS vulnerability with certain configurations of Rails::Html::Sanitizer, due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer might allow an attacke...
Astra Linux - vulnerability in ruby-rails-html-sanitizer
Possible XSS Vulnerability in Rails::Html::Sanitizer. There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifier CVE-2022-32209. Vulnerabilities affected: ALL Not affected: NONE Meaning: Fixed versions: v1.4.3...
Astra Linux - vulnerability in ruby-rails-html-sanitizer
Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions starting from 1.0.3 and before 1.4.4 are vulnerable to cross-site scripting through data URIs when used in conjunction with Loofah version 2.1.0 or higher. This issue has been fixed in version 1.4.4...
OPENSUSE-SU-2026:10569-1 ruby4.0-rubygem-rails-html-sanitizer-1.7.0-1.1 on GA media
These are all security issues fixed in the ruby4.0-rubygem-rails-html-sanitizer-1.7.0-1.1 package on the GA media of openSUSE Tumbleweed...
ruby4.0-rubygem-rails-html-sanitizer-1.6.0-1.9 on GA media (moderate)
ruby4.0-rubygem-rails-html-sanitizer-1.6.0-1.9 on GA media Announcement ID: openSUSE-SU-2026:10361-1 Rating: moderate Cross-References: CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 CVE-2018-3741 CVE-2022-23517 CVE-2022-23518 CVE-2022-23519 CVE-2022-23520 CVE-2022-32209 CVSS scores: CVE-2018-3741 SUS...
OPENSUSE-SU-2026:10361-1 ruby4.0-rubygem-rails-html-sanitizer-1.6.0-1.9 on GA media
These are all security issues fixed in the ruby4.0-rubygem-rails-html-sanitizer-1.6.0-1.9 package on the GA media of openSUSE Tumbleweed...
Ruby on Rails: Rails::HTML::Sanitizer.allowed_uri? returns true for entity-encoded control-character-split javascript: URLs
A vulnerability was discovered in the Rails::HTML::Sanitizer.allowed_uri? method of the rails-html-sanitizer library. The method incorrectly returned true for entity-encoded control-character-split javascript: URLs, which could lead to potential security issues if the application relied on the...
MAL-2025-48040 Malicious code in rails-html-sanitizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6639c0a00dd79a8b017f59289f23eccd33625402399ac79c43d96fdb92e3b373 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview rails-html-sanitizer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-32970
Malicious code in rails-html-sanitizer npm...
Malicious code in rails-html-sanitizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6639c0a00dd79a8b017f59289f23eccd33625402399ac79c43d96fdb92e3b373 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2017-0169
Malware in sbrugna...
EUVD-2017-0299
Malware in sbrugna...
EUVD-2018-0191
Malware in sbrugna...
EUVD-2022-7685
Malicious code in bioql PyPI...
EUVD-2024-3460
Malicious code in bioql PyPI...
EUVD-2022-7520
Malicious code in bioql PyPI...
EUVD-2024-3517
Malicious code in bioql PyPI...
EUVD-2024-3433
Malicious code in bioql PyPI...