Lucene search
K

13 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.2 views

SUSE CVE-2019-15587

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...

6.3CVSS6.9AI score0.01554EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/11/05 12:0 a.m.28 views

SUSE SLES15: ruby2.5-rubygem-loofah / ruby2.5-rubygem-loofah-doc / etc (SUSE-SU-2022:3868-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3868-1 advisory. - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements bsc1154751. Tenable has extracted the preceding description block...

5.4CVSS6.6AI score0.01554EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/09/16 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-4498-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS6AI score0.01554EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/09/15 7:25 p.m.58 views

USN-4498-1: Loofah vulnerability

It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks. CVE-2019-15587...

5.4CVSS6.6AI score0.01554EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/03/02 12:0 a.m.34 views

Fedora 31 : rubygem-loofah (2020-03c0964b6a)

Fix XXS when a crafted SVG element is republished. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues....

5.4CVSS6.4AI score0.01554EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/02 12:0 a.m.29 views

Fedora 30 : rubygem-loofah (2020-1ebc4b8284)

Fix XXS when a crafted SVG element is republished. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues....

5.4CVSS6.4AI score0.01554EPSS
Exploits0References2
Debian
Debian
added 2019/10/28 9:39 p.m.80 views

[SECURITY] [DSA 4554-1] ruby-loofah security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4554-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 28, 2019 https://www.debian.org/security/faq -...

5.4CVSS5.7AI score0.01554EPSS
Exploits0
NVD
NVD
added 2019/10/22 9:15 p.m.15 views

CVE-2019-15587

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...

5.4CVSS5.3AI score0.01554EPSS
Exploits0References7
OSV
OSV
added 2019/10/22 9:15 p.m.24 views

CVE-2019-15587

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...

5.4CVSS7AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2019/10/22 9:15 p.m.25 views

CVE-2019-15587

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...

5.4CVSS6.6AI score0.01554EPSS
Exploits0References3
OSV
OSV
added 2019/10/22 9:15 p.m.4 views

UBUNTU-CVE-2019-15587

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...

5.4CVSS6.6AI score0.01554EPSS
Exploits0References4
CVE
CVE
added 2019/10/22 8:7 p.m.160 views

CVE-2019-15587

CVE-2019-15587 affects the Loofah gem for Ruby up to version 2.3.0, where crafted SVG content can cause unsanitized JavaScript to appear in sanitized output (XSS risk). Exploitation details are not provided beyond this description. Remediation across ecosystems includes upgrading to patched Loofa...

5.4CVSS5.4AI score0.01554EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2019/10/22 8:7 p.m.29 views

CVE-2019-15587

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...

5.4CVSS6AI score0.01554EPSS
Exploits0
Rows per page
Query Builder