Vulnerabilities > Loofah Project

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-23518 rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian loofah-project
6.1
2022-12-14 CVE-2022-23514 Unspecified vulnerability in Loofah Project Loofah
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
network
low complexity
loofah-project
7.5
2022-12-14 CVE-2022-23515 Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
network
low complexity
loofah-project debian
6.1
2022-12-14 CVE-2022-23516 Unspecified vulnerability in Loofah Project Loofah
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
network
low complexity
loofah-project
7.5
2019-10-22 CVE-2019-15587 Cross-site Scripting vulnerability in multiple products
In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
5.4
2018-10-30 CVE-2018-16468 Cross-site Scripting vulnerability in multiple products
In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
network
low complexity
loofah-project debian CWE-79
5.4
2018-03-27 CVE-2018-8048 Cross-site Scripting vulnerability in multiple products
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
network
low complexity
debian loofah-project CWE-79
6.1