Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2019/01/10 12:0 a.m.39 views

Debian DSA-4364-1 : ruby-loofah - security update

It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

5.4CVSS6.2AI score0.0091EPSS
Exploits0References4
Debian
Debian
added 2019/01/08 10:48 p.m.63 views

[SECURITY] [DSA 4364-1] ruby-loofah security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4364-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2019 https://www.debian.org/security/faq -...

5.4CVSS5.7AI score0.0091EPSS
Exploits0
OSV
OSV
added 2019/01/08 12:0 a.m.23 views

DSA-4364-1 ruby-loofah - security update

Bulletin has no description...

5.4CVSS5.6AI score0.0091EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/01/07 12:0 a.m.37 views

Debian: Security Advisory (DSA-4364-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.9AI score0.0091EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/04/16 12:0 a.m.30 views

Debian DSA-4171-1 : ruby-loofah - security update

The Shopify Application Security Team reported that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, allows non-whitelisted attributes to be present in sanitized output when input with specially crafted HTML fragments. This might allow to mount a...

6.1CVSS6.9AI score0.01984EPSS
Exploits0References5
Debian
Debian
added 2018/04/13 7:12 p.m.24 views

[SECURITY] [DSA 4171-1] ruby-loofah security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4171-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2018 https://www.debian.org/security/faq -...

4.3CVSS1.6AI score0.01984EPSS
Exploits0
Debian
Debian
added 2018/04/13 7:12 p.m.29 views

[SECURITY] [DSA 4171-1] ruby-loofah security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4171-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2018 https://www.debian.org/security/faq -...

6.1CVSS6.3AI score0.01984EPSS
Exploits0
OSV
OSV
added 2018/04/13 12:0 a.m.26 views

DSA-4171-1 ruby-loofah - security update

Bulletin has no description...

6.1CVSS6.3AI score0.01984EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/04/12 12:0 a.m.46 views

Debian: Security Advisory (DSA-4171-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.01984EPSS
Exploits0References4
CNVD
CNVD
added 2018/03/26 12:0 a.m.3 views

Ruby Loofah gem cross-site scripting vulnerability

The Ruby Loofah gem is a general-purpose library for manipulating and transforming HTML/XML documents. A cross-site scripting vulnerability exists in Ruby Loofah gem version 2.2.0 and earlier. A remote attacker can exploit this vulnerability by redistributing specially crafted HTML snippets to...

6.1CVSS6.2AI score0.01984EPSS
Exploits0References1
Rows per page
Query Builder