Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud Crowbar 8 package rubygem-rails-html-sanitizer, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2022-23517 — CVSS 7.5 (high): rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer <…
CVE-2022-23519 — CVSS 7.2 (high): rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS…
CVE-2018-3741 — CVSS 6.1 (medium): There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted…
CVE-2022-23518 — CVSS 6.1 (medium): rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to…
CVE-2022-23520 — CVSS 6.1 (medium): rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS…
CVE-2022-32209 — CVSS 6.1 (medium): # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of…