Loofah Security Vulnerabilities and Issues — Loofah CVE List

Lucene search

Loofah ProjectLoofah

7 matches found

CVE•added 2022/12/14 2:15 p.m.•195 views

CVE-2022-23515

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0,

6.1CVSS6AI score0.00236EPSS

CVE•added 2022/12/14 2:15 p.m.•163 views

CVE-2022-23514

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah

7.5CVSS7.2AI score0.00333EPSS

CVE•added 2018/10/30 9:29 p.m.•150 views

CVE-2018-16468

In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

5.4CVSS5.4AI score0.00314EPSS

CVE•added 2019/10/22 9:15 p.m.•145 views

CVE-2019-15587

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

5.4CVSS5.4AI score0.01698EPSS

CVE•added 2022/12/14 2:15 p.m.•117 views

CVE-2022-23516

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0,

7.5CVSS7.1AI score0.0003EPSS

CVE•added 2022/12/14 5:15 p.m.•117 views

CVE-2022-23518

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, = 2.1.0. This issue is patched in version 1.4.4.

6.1CVSS6.1AI score0.00234EPSS

CVE•added 2018/03/27 5:29 p.m.•88 views

CVE-2018-8048

In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.

6.1CVSS5.9AI score0.004EPSS