Lucene search
GoogleOSV:CVE-2022-23515HistoryDec 14, 2022 - 2:15 p.m.
CVE-2022-23515
2022-12-1414:15:10
Google
osv.dev
7
loofah
nokogiri
cross-site scripting
data uris
image/svg+xml
media type
html/xml manipulation
vulnerability
patched
software
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.
Related
prion
prion
Cross site scripting
2022-12-14 14:15:00
ubuntucve
ubuntucve
CVE-2022-23515
2022-12-14 00:00:00
hackerone
hackerone
redhatcve
redhatcve
CVE-2022-23515
2022-12-14 11:35:22
veracode
veracode
Cross-Site Scripting (XSS)
2022-12-14 04:47:44
nvd
nvd
CVE-2022-23515
2022-12-14 14:15:10
osv
osv
Improper neutralization of data URIs may allow XSS in Loofah
2022-12-13 17:39:36
ruby-loofah - security update
2023-09-13 00:00:00
github
github
Improper neutralization of data URIs may allow XSS in Loofah
2022-12-13 17:39:36
cve
cve
CVE-2022-23515
2022-12-14 14:15:10
debiancve
debiancve
CVE-2022-23515
2022-12-14 14:15:10
cvelist
cvelist
CVE-2022-23515 Improper neutralization of data URIs may allow XSS in Loofah
2022-12-14 13:23:02
nessus
nessus
Fedora 40 : rubygem-loofah (2023-1bbea3700b)
2024-04-29 00:00:00
Debian DLA-3565-1 : ruby-loofah - LTS security update
2023-09-14 00:00:00
debian
debian
[SECURITY] [DLA 3565-1] ruby-loofah security update
2023-09-13 15:09:07
openvas
openvas
Debian: Security Advisory (DLA-3565-1)
2023-09-14 00:00:00
rocky
rocky
Satellite 6.13 Release
2023-05-05 15:39:58
redhat
redhat
(RHSA-2023:2097) Important: Satellite 6.13 Release
2023-05-03 13:09:51