File _patchinfo of Package patchinfo.28451

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.28451

<patchinfo incident="28451">
  <issue tracker="cve" id="2022-23514"/>
  <issue tracker="cve" id="2022-23516"/>
  <issue tracker="cve" id="2022-23515"/>
  <issue tracker="bnc" id="1206417">VUL-0: CVE-2022-23515: rubygem-loofah: Improper neutralization of data URIs leading to Cross Site Scripting</issue>
  <issue tracker="bnc" id="1206416">VUL-0: CVE-2022-23516: rubygem-loofah: Uncontrolled Recursion leading to denial of service</issue>
  <issue tracker="bnc" id="1206415">VUL-0: CVE-2022-23514: rubygem-loofah: inefficient regular expression leading to denial of service</issue>
  <packager>mschnitzer</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for rubygem-loofah</summary>
  <description>This update for rubygem-loofah fixes the following issues:

- CVE-2022-23514: Fixed inefficient regular expression leading to denial of service (bsc#1206415).
- CVE-2022-23515: Fixed improper neutralization of data URIs leading to Cross Site Scripting (bsc#1206417).
- CVE-2022-23516: Fixed uncontrolled Recursion leading to denial of service (bsc#1206416).
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.28451

Places