Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Fedora: Security Advisory for rubygem-loofah (FEDORA-2020-1ebc4b8284)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'rubygem-loofah' package(s) announced via the FEDORA-2020-1ebc4b8284 advisory.
Insight
Insight
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It', s built on top of Nokogiri and libxml2, so it', s fast and has a nice API. Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib', s whitelist, so it most likely won', t make your codes less secure.
Affected Software
Affected Software
'rubygem-loofah' package(s) on Fedora 30.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
Please install the updated package(s).