Release | Version |
---|---|
buster | 2.2.3-1+deb10u1 |
bullseye | 2.7.0+dfsg-1 |
bookworm | 2.19.1-1 |
sid | 2.19.1-1 |
Bug | buster | bullseye | bookworm | sid | Description |
---|---|---|---|---|---|
CVE-2022-23516 | vulnerable (no DSA) | vulnerable | fixed | fixed | Loofah is a general library for manipulating and transforming HTML/XML ... |
CVE-2022-23515 | vulnerable | vulnerable | fixed | fixed | Loofah is a general library for manipulating and transforming HTML/XML ... |
CVE-2022-23514 | vulnerable (no DSA) | vulnerable | fixed | fixed | Loofah is a general library for manipulating and transforming HTML/XML ... |
Bug | Description |
---|---|
CVE-2019-15587 | In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may o ... |
CVE-2018-16468 | In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may ... |
CVE-2018-8048 | In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attribu ... |
DSA / DLA | Description |
---|---|
DSA-4554-1 | ruby-loofah - security update |
DSA-4364-1 | ruby-loofah - security update |
DSA-4171-1 | ruby-loofah - security update |