Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2019-15587

Published: 22 October 2019

In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

Priority

Medium

CVSS 3 base score: 5.4

Status

Package Release Status
ruby-loofah
Launchpad, Ubuntu, Debian
bionic Needs triage

disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Not vulnerable
(2.3.1+dfsg-1)
groovy Not vulnerable
(2.3.1+dfsg-1)
hirsute Not vulnerable
(2.3.1+dfsg-1)
impish Not vulnerable
(2.3.1+dfsg-1)
jammy Not vulnerable
(2.3.1+dfsg-1)
kinetic Not vulnerable
(2.3.1+dfsg-1)
precise Does not exist

trusty Does not exist

upstream Needs triage

xenial
Released (2.0.3-2+deb9u3build0.16.04.1)