Количество 8
Количество 8
CVE-2022-23518
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.
CVE-2022-23518
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.
CVE-2022-23518
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.
CVE-2022-23518
rails-html-sanitizer is responsible for sanitizing HTML fragments in R ...
GHSA-mcvf-2q2m-x72m
Improper neutralization of data URIs may allow XSS in rails-html-sanitizer
BDU:2024-06513
Уязвимость реализации конфигурации инструмента очистки HTML для приложений Rails Rails Html Sanitizer, связанная с неправильной нейтрализацией входных данных во время генерации веб-страницы, позволяющая нарушителю проводить межсайтовые сценарные атаки
SUSE-SU-2023:3714-1
Security update for rubygem-rails-html-sanitizer
ROS-20240815-13
Множественные уязвимости rubygem-rails-html-sanitizer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23518 rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4. | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
 | CVE-2022-23518 rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4. | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
 | CVE-2022-23518 rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4. | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
| CVE-2022-23518 rails-html-sanitizer is responsible for sanitizing HTML fragments in R ... | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
| GHSA-mcvf-2q2m-x72m Improper neutralization of data URIs may allow XSS in rails-html-sanitizer | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
 | BDU:2024-06513 Уязвимость реализации конфигурации инструмента очистки HTML для приложений Rails Rails Html Sanitizer, связанная с неправильной нейтрализацией входных данных во время генерации веб-страницы, позволяющая нарушителю проводить межсайтовые сценарные атаки | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
 | SUSE-SU-2023:3714-1 Security update for rubygem-rails-html-sanitizer | больше 2 лет назад | ||
 | ROS-20240815-13 Множественные уязвимости rubygem-rails-html-sanitizer | CVSS3: 7.5 | больше 1 года назад |
Уязвимостей на страницу