Vulnerabilities > Loofah Project > Loofah > 2.2.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-14 | CVE-2022-23518 | Cross-site Scripting vulnerability in multiple products rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. | 6.1 |
| 2022-12-14 | CVE-2022-23514 | Unspecified vulnerability in Loofah Project Loofah Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. | 7.5 |
| 2022-12-14 | CVE-2022-23515 | Cross-site Scripting vulnerability in multiple products Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. | 6.1 |
| 2022-12-14 | CVE-2022-23516 | Uncontrolled Recursion vulnerability in Loofah Project Loofah Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. | 7.5 |
| 2019-10-22 | CVE-2019-15587 | Cross-site Scripting vulnerability in multiple products In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. | 5.4 |