CVE-2019-15587

Опубликовано: 22 окт. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 3.5

CVSS3: 5.4

Описание

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	2.3.1+dfsg-1
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/bionic	needs-triage
esm-apps/focal	not-affected	2.3.1+dfsg-1
esm-apps/jammy	not-affected	2.3.1+dfsg-1
esm-apps/noble	not-affected	2.3.1+dfsg-1
esm-apps/xenial	released	2.0.3-2+deb9u3build0.16.04.1
esm-infra-legacy/trusty	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 86%

0.03032

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2019-15587

CVSS3: 4.6

redhat

больше 6 лет назад

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

CVE-2019-15587

CVSS3: 5.4

nvd

больше 6 лет назад

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

CVE-2019-15587

CVSS3: 5.4

debian

больше 6 лет назад

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may o ...

SUSE-SU-2022:3868-1

suse-cvrf

больше 3 лет назад

Security update for rubygem-loofah

GHSA-c3gv-9cxf-6f57

CVSS3: 5.4

github

больше 6 лет назад

Loofah Allows Cross-site Scripting

EPSS

Процентиль: 86%

0.03032

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3

CVE-2019-15587

Описание

Пакет ruby-loofah

Ссылки на источники

Связанные уязвимости