|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 4364-1 (ruby-loofah - security update)|
|Summary:||It was discovered that ruby-loofah, a general library for manipulating;and transforming HTML/XML documents and fragments, performed insufficient;sanitising of SVG elements.|
It was discovered that ruby-loofah, a general library for manipulating
and transforming HTML/XML documents and fragments, performed insufficient
sanitising of SVG elements.
Loofah is a general library for manipulating and transforming HTML/XML
documents and fragments. It's built on top of Nokogiri and libxml2, so
it's fast and has a nice API.
ruby-loofah on Debian Linux
For the stable distribution (stretch), this problem has been fixed in
We recommend that you upgrade your ruby-loofah packages.
For the detailed security status of ruby-loofah please refer to
its security tracker page at:
Common Vulnerability Exposure (CVE) ID: CVE-2018-16468|
|Copyright||Copyright (c) 2019 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.