Download
| Alert*
oval:org.secpod.oval:def:53487
It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements. oval:org.secpod.oval:def:1901445 In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. oval:org.secpod.oval:def:603601 It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements. oval:org.secpod.oval:def:115562 Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization . It includes some nice HTML sanitizers, which are based on HTML5lib's whitelist, ... oval:org.secpod.oval:def:115552 Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization . It includes some nice HTML sanitizers, which are based on HTML5lib's whitelist, ... oval:org.secpod.oval:def:115563 Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization . It includes some nice HTML sanitizers, which are based on HTML5lib's whitelist, ... oval:org.secpod.oval:def:89050829 This update for rmt-server to version 1.1.1 fixes the following issues: The following issues have been fixed: - Fixed migration problems which caused some extensions / modules to be dropped - Fixed listing of mirrored products - Include online migration paths into offline migration - Sync product ... |