8 matches found
Astra Linux – Vulnerability in ruby-loofah
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah = 2.2.0; versions before 2.19.1 use recursion to sanitize CDATA sections. This can lead to stack exhaustion and raise a SystemStackError exception, potentially causing ...
Astra Linux – Vulnerability in ruby-loofah
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah = 2.1.0; versions less than 2.19.1 are vulnerable to cross-site scripting due to the image/svg+xml media type in data URIs. This issue has been fixed in version 2.19.1...
CVE-2025-5471
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...
CVE-2025-5471
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...
CVE-2025-5471 Dylib Hijacking in Yandex Telemost
Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...
CVE-2025-25205
Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings lik...
DEBIAN-CVE-2022-23516
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah = 2.2.0, 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a...
UBUNTU-CVE-2022-23516
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah = 2.2.0, 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a...