Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems rails-html-sanitizer Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1ycmZjLTdnOHAtOTlxOM4AAwSi
Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS05aDlnLTkzZ2MtNjIzaM4AAwSh
Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdocW0tcGd4ai0zN2dx
rails-html-sanitizer Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5YzItY3IzOS1jOGc2
rails-html-sanitizer Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB4M3Itam05Zy1jOHc4
rails-html-sanitizer Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: about 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1yaGotMmc0di0zOXF4
Moderate severity vulnerability that affects rails-html-sanitizer
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFjOGotbThqMy1yanE2
Moderate severity vulnerability that affects rails-html-sanitizer
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3cGMtcTVxNy1xZzlo
Moderate severity vulnerability that affects rails-html-sanitizer
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: over 4 years ago
High
GSA_kwCzR0hTQS01eDc5LXc4MmYtZ3c4d84AAwSf
Inefficient Regular Expression Complexity in rails-html-sanitizer
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU5YzctNHhqMi1oZ3Z3
rails-html-sanitizer Cross-site Scripting vulnerability
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS1tY3ZmLTJxMm0teDcybc4AAwSg
Improper neutralization of data URIs may allow XSS in rails-html-sanitizer
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1wZzh2LWc0eHEtaHd3Oc4AAs-c
Rails::Html::Sanitizer vulnerable to Cross-site Scripting
Ecosystems: rubygems
Packages: rails-html-sanitizer
Source: GitHub Advisory Database
Published: 11 months ago
Filter by Severity
Moderate 5,124 High 4,541 Critical 2,093 Low 670
Filter by Ecosystem
maven 3,856 npm 3,123 pypi 2,600 packagist 1,686 go 1,225 nuget 939 rubygems 706 cargo 636 hex 21 actions 10 pub 5
Filter by Package
actionpack 57 nokogiri 28 rubygems-update 25 activerecord 24 rack 20 puppet 13 publify_core 13 rails-html-sanitizer 12 rails 12 actionview 12 activesupport 12 fat_free_crm 11 passenger 9 puma 9 org.jruby:jruby-stdlib 7 loofah 6 camaleon_cms 6 ember-source 6 doorkeeper 6 katello 5 spree 5 spree_auth_devise 5 bundler 4 safemode 4 devise 4 mail 4 commonmarker 4 rubyzip 4 sinatra 4 dragonfly 4 cgi 3 geminabox 3 private_address_check 3 rails_admin 3 fluentd 3 gollum 3 rest-client 3 bootstrap 3 sanitize 3 paperclip 3 sidekiq 3 git 3 chartkick 3 omniauth 3 sprockets 3 activestorage 3 jquery-rails 3 webrick 2 httparty 2 red-arrow 2 administrate 2 kramdown 2 redcarpet 2 carrierwave 2 pageflow 2 qiita-markdown 2 activemodel 2 json-jwt 2 bootstrap 2 web-console 2 ox 2 colorscore 2 espeak-ruby 2 git-fastclone 2 jQuery 2 jquery 2 ruby-openid 2 bootstrap-sass 2 field_test 2 festivaltts4r 2 mechanize 2 metasploit-framework 2 radiant 2 rdoc 2 secure_headers 2 faye 2 yajl-ruby 2 user_agent_parser 2 bson 2 pyarrow 2 minitar 2 rack-cors 2 pdfkit 2 ruby-saml 2 rack-mini-profiler 2 archive-tar-minitar 2 net-ldap 2 yard 2 mini_magick 2 i18n 2 json 2 VladTheEnterprising 2 omniauth-facebook 2 google-protobuf 2 sup 2 mapbox-rails 2 mapbox.js 2 pghero 2 com.google.protobuf:protobuf-java 2 com.google.protobuf:protobuf-kotlin 2 devise-two-factor 2 cocoapods-downloader 2 solidus_core 2 solidus_frontend 2 http 1 airbrake-ruby 1 geocoder 1 uap-core 1 personnummer 1 activeresource 1 cairo 1 solidus_backend 1 diffy 1 active-support 1 org.jruby:jruby-parent 1 sorcery 1 websocket-extensions 1 shrine 1 dependabot-omnibus 1 dependabot-common 1 spree_api 1 omniauth-apple 1 pgsync 1 faye-websocket 1 devise_token_auth 1 spina 1 rwiki 1 fileutils 1 em-imap 1 pdf_info 1 elastic-apm 1 thin 1 fastreader 1 sqlite3-ruby 1 fog-dragonfly 1 newrelic_rpm 1 goliath 1 narou 1 railties 1 netaddr 1 rexml 1 sensu 1 restforce 1 kcapifony 1 lynx 1 show_in_browser 1 update_by_case 1 ciborg 1 clearance 1 cap-strap 1 lawn-login 1 paratrooper-newrelic 1 sfpagent 1 simple_form 1 ruby-jss 1 date 1 matestack-ui-core 1 sentry-raven 1 kaminari 1 solidus_api 1 omniauth-auth0 1 haml 1 brbackup 1 trestle-auth 1 better_errors 1 rails_multisite 1 rubocop 1 bibtex-ruby 1 redis-store 1 gollum-lib 1 samlr 1 message_bus 1 padrino-contrib 1 marginalia 1 image_processing 1 datagrid 1 omniauth-saml 1 view_component 1 smart_proxy_dynflow 1 gibbon 1 random_password_generator 1 trilogy 1 pysha3 1 sha3 1 govuk_tech_docs 1 blazer 1 kitchen-terraform 1 rack-ssl 1 pay 1 command_wrap 1 webbynode 1 nori 1 crack 1 slanger 1 ffi 1 paranoid2 1 audited 1 inline_svg 1 active_attr 1 asciidoctor-include-ext 1 oxidized-web 1 recurly 1 tmpdir 1 csv-safe 1 octopoller 1 mixlib-archive 1 smalruby-editor 1 smalruby 1 kafo 1 bootstrap-sass 1 jmespath 1 features 1 omniauth-weibo-oauth2 1 point-cli 1 chloride 1 xapian-core 1 hammer_cli_foreman 1 smashing 1 ccsv 1 paratrooper-pingdom 1 openssl 1 ldap_fluff 1 xaviershay-dm-rails 1 authlogic 1 kajam 1 aescrypt 1 uglifier 1 flash_tool 1 karteek-docsplit 1 lean-ruport 1 rbovirt 1 gtk2 1 tweetstream 1 gon 1 gemirro 1 multi_xml 1 bootstrap 1 keynote 1 arabic-prawn 1 activejob 1 chartkick 1 redcloth 1 bootstrap.sass 1 text_helpers 1 consul 1 ruby_parser-legacy 1 delayed_job_web 1 curupira 1 rack-protection 1 asciidoctor 1 rake 1 many_versioned_gem 1 Bootstrap.Less 1 gyazo 1 activerecord-session_store 1 foreman_fog_proxmox 1 foreman_ansible 1 bindata 1 papercrop 1 oauth 1 devise_masquerade 1 easymon 1 twitter-bootstrap-rails 1 cocaine 1 ldoce 1 rack-cache 1 jruby-openssl 1 com.google.protobuf:protobuf-javalite 1 ruby-mysql 1 extlib 1 will_paginate 1 com.google.protobuf:protobuf-kotlin-lite 1 jekyll 1 omniauth-oauth2 1 reel 1 octokit 1 cremefraiche 1 curl 1 iodine 1 cron_parser 1 coin_base 1 blockchain_wallet 1 awesome-bot 1 doge-coin 1 capistrano-colors 1 bitcoin_vanity 1 coming-soon 1 kelredd-pruview 1 jquery-ui-rails 1 mcollective-client 1 uri 1 sisimai 1 md2pdf 1 tzinfo 1 hiera 1 backup_checksum 1 backup-agoddard 1 doorkeeper-openid_connect 1 awesome_spawn 1 mysql-binuuid-rails 1