Lucene search
SuseOPENSUSE-SU-2018:3951-1HistoryNov 30, 2018 - 12:12 a.m.
Security update for rubygem-loofah (moderate)
2018-11-3000:12:22
lists.opensuse.org
74
0.001 Low
EPSS
Percentile
38.6%
This update for rubygem-loofah fixes the following issues:
Security issue fixed:
- CVE-2018-16468: Fixed XXS by removing the svg animate attribute
from
from the allowlist (bsc#1113969).
This update was imported from the SUSE:SLE-15:Update update project.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.0 | x86_64 | ruby2.5-rubygem-loofah-doc | < 2.2.2-lp150.3.3.1 | ruby2.5-rubygem-loofah-doc-2.2.2-lp150.3.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | ruby2.5-rubygem-loofah-testsuite | < 2.2.2-lp150.3.3.1 | ruby2.5-rubygem-loofah-testsuite-2.2.2-lp150.3.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | ruby2.5-rubygem-loofah | < 2.2.2-lp150.3.3.1 | ruby2.5-rubygem-loofah-2.2.2-lp150.3.3.1.x86_64.rpm |
References
Related
nessus
nessus
Fedora 28 : rubygem-loofah (2018-d716df9942)
2019-01-03 00:00:00
FreeBSD : Loofah -- XSS vulnerability (36a2a89e-7ee1-4ea4-ae22-7ca38019c8d0)
2018-11-02 00:00:00
Fedora 27 : rubygem-loofah (2018-4ce40afcb6)
2018-11-28 00:00:00
prion
prion
Code injection
2018-10-30 21:29:00
osv
osv
Loofah Cross-site Scripting vulnerability
2018-11-01 14:46:01
ruby-loofah - security update
2019-01-08 00:00:00
CVE-2018-16468
2018-10-30 21:29:00
openvas
openvas
Fedora Update for rubygem-loofah FEDORA-2018-d5fcbb9ca6
2019-05-07 00:00:00
Debian Security Advisory DSA 4364-1 (ruby-loofah - security update)
2019-01-08 00:00:00
openSUSE: Security Advisory for rubygem-loofah (openSUSE-SU-2018:3951-1)
2018-12-04 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: rubygem-loofah-2.0.3-6.fc28
2018-11-28 02:46:20
[SECURITY] Fedora 27 Update: rubygem-loofah-2.0.3-6.fc27
2018-11-28 02:22:42
[SECURITY] Fedora 29 Update: rubygem-loofah-2.2.3-1.fc29
2018-11-28 02:43:14
cve
cve
CVE-2018-16468
2018-10-30 21:29:00
ubuntucve
ubuntucve
CVE-2018-16468
2018-10-30 00:00:00
debiancve
debiancve
CVE-2018-16468
2018-10-30 21:29:00
veracode
veracode
Cross-site Scripting (XSS)
2018-10-31 03:41:40
debian
debian
[SECURITY] [DSA 4364-1] ruby-loofah security update
2019-01-08 22:48:45
github
github
Loofah Cross-site Scripting vulnerability
2018-11-01 14:46:01
redhatcve
redhatcve
CVE-2018-16468
2018-11-05 21:49:58
freebsd
freebsd
Loofah -- XSS vulnerability
2018-10-30 00:00:00
suse
suse
Security update for rmt-server (moderate)
2019-02-14 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34