Redhat.comRH:CVE-2018-8048

HistoryApr 06, 2020 - 5:05 p.m.

Vulners
/
Redhatcve
/
CVE-2018-8048

CVE-2018-8048

2020-04-0617:05:35

redhat.com

access.redhat.com

0.002 Low

EPSS

Percentile

59.1%

JSON

In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.

References

bugzilla.redhat.com/show_bug.cgi?id=1559071

openvas 1

debiancve 2

debian 2

prion 2

cvelist 2

cve 2

nessus 3

osv 5

veracode 1

freebsd 2

ubuntucve 2

github 2

nvd 2

rubygems 2

hackerone 1

redhatcve 1

redhat 1

rosalinux 1

openvas

Debian: Security Advisory (DSA-4171-1)

2018-04-12 00:00:00

debiancve

CVE-2018-8048

2018-03-27 17:29:00

CVE-2018-3741

2018-03-30 19:29:00

debian

[SECURITY] [DSA 4171-1] ruby-loofah security update

2018-04-13 19:12:19

[SECURITY] [DSA 4171-1] ruby-loofah security update

2018-04-13 19:12:19

prion

Hardcoded credentials

2018-03-27 17:29:00

Design/Logic Flaw

2018-03-30 19:29:00

cvelist

CVE-2018-8048

2018-03-27 17:00:00

CVE-2018-3741

2018-03-30 19:00:00

cve

CVE-2018-8048

2018-03-27 17:29:00

CVE-2018-3741

2018-03-30 19:29:00

nessus

Debian DSA-4171-1 : ruby-loofah - security update

2018-04-16 00:00:00

FreeBSD : Loofah -- XSS vulnerability (ba6d0c9b-f5f6-4b9b-a6de-3cce93c83220)

2018-03-21 00:00:00

FreeBSD : rails-html-sanitizer -- possible XSS vulnerability (81946ace-6961-4488-a164-22d58ebc8d66)

2018-03-27 00:00:00

osv

Cross-site Scripting in loofah

2018-03-21 11:57:11

ruby-loofah - security update

2018-04-13 00:00:00

CVE-2018-8048

2018-03-27 17:29:00

veracode

Cross-site Scripting (XSS)

2018-03-20 05:38:48

freebsd

Loofah -- XSS vulnerability

2018-03-15 00:00:00

rails-html-sanitizer -- possible XSS vulnerability

2018-03-22 00:00:00

ubuntucve

CVE-2018-8048

2018-03-27 00:00:00

CVE-2018-3741

2018-03-30 00:00:00

github

Cross-site Scripting in loofah

2018-03-21 11:57:11

rails-html-sanitizer Cross-site Scripting vulnerability

2018-04-26 15:41:10

nvd

CVE-2018-8048

2018-03-27 17:29:00

CVE-2018-3741

2018-03-30 19:29:00

rubygems

XSS vulnerability in rails-html-sanitizer

2018-03-21 21:00:00

Revert libxml2 behavior in Nokogiri gem that could cause XSS

2018-03-28 21:00:00

hackerone

Ruby on Rails: XSS vulnerability in sanitize-method when parsing link's href

2018-03-21 14:57:43

redhatcve

CVE-2018-3741

2018-04-18 10:49:01

redhat

(RHSA-2019:0212) Moderate: CloudForms 4.7 security, bug fix and enhancement update

2019-02-07 22:50:40

rosalinux

Advisory ROSA-SA-2021-1966

2021-07-02 18:06:34

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.002 Low

EPSS

Percentile

59.1%

JSON

Related for RH:CVE-2018-8048