32 matches found
Fedora: Security Advisory (FEDORA-2023-1bbea3700b)
The remote host is missing an update for the...
OPENSUSE-SU-2024:11900-1 ruby3.1-rubygem-loofah-2.14.0-1.1 on GA media
These are all security issues fixed in the ruby3.1-rubygem-loofah-2.14.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13162-1 ruby3.2-rubygem-loofah-2.19.1-1.2 on GA media
These are all security issues fixed in the ruby3.2-rubygem-loofah-2.19.1-1.2 package on the GA media of openSUSE Tumbleweed...
Fedora 40 : rubygem-loofah (2023-1bbea3700b)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1bbea3700b advisory. Automatic update for rubygem-loofah-2.22.0-1.fc40. Changelog: Thu Nov 23 2023 Vít Ondruch - 2.22.0-1 - Update to Loofah 2.22.0. Resolves: rhbz#2126896...
rubygem-loofah: Improper neutralization of data URIs leading to Cross Site Scripting
A Cross-site scripting vulnerability was found in rubygem loofah. While neutralizing certain data URIs, loofah is susceptible to Cross-site scripting attacks...
SUSE SLES15 / openSUSE 15 Security Update : rubygem-loofah (SUSE-SU-2023:1657-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1657-1 advisory. - Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofa...
SUSE-SU-2023:1657-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: - CVE-2022-23514: Fixed inefficient regular expression leading to denial of service (bsc#1206415). - CVE-2022-23515: Fixed improper neutralization of data URIs leading to Cross Site Scripting (bsc#1206417). - CVE-2022-23516: Fixed uncontrolled...
CVE-2022-23515
A Cross-site scripting vulnerability was found in rubygem loofah. While neutralizing certain data URIs, loofah is susceptible to Cross-site scripting attacks...
CVE-2022-23514
An inefficient regular expression vulnerability was found in rubygem loofah. While sanitizing certain SVG attributes, loofah is susceptible to excessive backtracking, which can result in a denial of service through CPU resource consumption...
SUSE-SU-2022:4075-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements (bsc#1154751)...
SUSE SLES15 Security Update : rubygem-loofah (SUSE-SU-2022:3868-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3868-1 advisory. - In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished...
SUSE-SU-2022:3868-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements (bsc#1154751)...
Fedora 30 : rubygem-loofah (2020-1ebc4b8284)
Fix XSS when a crafted SVG element is republished. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues....
Fedora 31 : rubygem-loofah (2020-03c0964b6a)
Fix XSS when a crafted SVG element is republished. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues....
Fedora: Security Advisory for rubygem-loofah (FEDORA-2020-1ebc4b8284)
The remote host is missing an update for the...
Fedora: Security Advisory for rubygem-loofah (FEDORA-2020-03c0964b6a)
The remote host is missing an update for the...
[SECURITY] Fedora 30 Update: rubygem-loofah-2.2.3-4.fc30
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's...
[SECURITY] Fedora 31 Update: rubygem-loofah-2.2.3-4.fc31
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's...
SUSE-SU-2019:2209-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: - Security issue fixed: - CVE-2018-8048: Update fix to make Loofah::HTML5::Scrub.force_correct_attribute_escaping! callable from other gems (bsc#1086598)...
Fedora Update for rubygem-loofah FEDORA-2018-d5fcbb9ca6
The remote host is missing an update for the...