Rails-html-sanitizer
This hub aggregates every CVE we track for Rails-html-sanitizer, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 14
- Critical: 0
- High: 2
- In CISA KEV: 0
Severity distribution: MEDIUM 12, HIGH 2
Monthly trend, 2024-07 to 2026-06 (chart not reproduced)
Latest CVEs
The 14 most recently published vulnerabilities affecting Rails-html-sanitizer.
- CVE-2024-53985: Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 (score 6.1)
- CVE-2024-53987: Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 (score 6.1)
- CVE-2024-53986: Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 (score 6.1)
- CVE-2024-53988: Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 (score 6.1)
- CVE-2024-53989: Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 (score 6.1)
- CVE-2022-23520: rails-html-sanitizer contains an incomplete fix for an XSS vulnerability (score 6.1)
- CVE-2022-23519: Possible XSS vulnerability with certain configurations of rails-html-sanitizer (score 7.2)
- CVE-2022-23518: Improper neutralization of data URIs allows XSS in rails-html-sanitizer (score 6.1)
- CVE-2022-23517: Inefficient Regular Expression Complexity in rails-html-sanitizer (score 7.5)
- CVE-2022-32209: Possible XSS Vulnerability in Rails::Html::Sanitizer. There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identi... (score 6.1)
- CVE-2018-3741: There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with spec... (score 6.1)
- CVE-2015-7579: Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that... (score 6.1)
- CVE-2015-7580: Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web ... (score 6.1)
- CVE-2015-7578: Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag ... (score 6.1)
Product normalization is registry-driven with AI assist and human review.