30 matches found
Debian DSA-4364-1 : ruby-loofah - security update
It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
[SECURITY] [DSA 4364-1] ruby-loofah security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4364-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2019 https://www.debian.org/security/faq -...
DSA-4364-1 ruby-loofah - security update
Bulletin has no description...
Debian: Security Advisory (DSA-4364-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4171-1 : ruby-loofah - security update
The Shopify Application Security Team reported that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, allows non-whitelisted attributes to be present in sanitized output when input with specially crafted HTML fragments. This might allow to mount a...
[SECURITY] [DSA 4171-1] ruby-loofah security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4171-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4171-1] ruby-loofah security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4171-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2018 https://www.debian.org/security/faq -...
DSA-4171-1 ruby-loofah - security update
Bulletin has no description...
Debian: Security Advisory (DSA-4171-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ruby Loofah gem cross-site scripting vulnerability
The Ruby Loofah gem is a general-purpose library for manipulating and transforming HTML/XML documents. A cross-site scripting vulnerability exists in Ruby Loofah gem version 2.2.0 and earlier. A remote attacker can exploit this vulnerability by redistributing specially crafted HTML snippets to...