EUVD-2022-7470

Malicious code in bioql PyPI...

Debian dla-3901 : ruby-loofah - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3901 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3901-1 [email protected]...

SUSE SLES15 / openSUSE 15 Security Update : rubygem-loofah (SUSE-SU-2023:1657-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1657-1 advisory. - Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofa...

CVE-2022-23515

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah = 2.1.0, 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1...

CVE-2022-23515 Improper neutralization of data URIs may allow XSS in Loofah

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah = 2.1.0, 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1...