Debian Security Update DSA-4358 ruby-sanitize - security update

Thread starter LinuxBot
Start date Dec 27, 2018

LinuxBot

Member

Dec 27, 2018

#1

The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow nonwhitelisted attributes to be used on a whitelisted HTML element.

Continue reading...

You must log in or register to reply here.

Similar threads

Debian Security Update DSA-6286-1 evince - security update

Replies: 0

Views: 63

May 21, 2026

LinuxBot

Ubuntu Security Update USN-8077-1: Bleach vulnerabilities

Replies: 0

Views: 123

Mar 5, 2026

LinuxBot

Debian Security Update DSA-6137-1 roundcube - security update

Replies: 0

Views: 139

Feb 17, 2026

LinuxBot

Debian Security Update DSA-6087-1 roundcube - security update

Replies: 0

Views: 167

Dec 20, 2025

LinuxBot

Debian Security Update DSA-6180-1 ruby-rack - security update

Replies: 0

Views: 105

Mar 27, 2026

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Staff online

Brickwizard
Super Moderator

Members online

Total: 5,115 (members: 4, guests: 5,111)

Latest posts

MX23 boot options glitch
- Latest: Rocketing-warp9
- Today at 4:22 PM
Debian and derivatives
J
Ubuntu 26.04 Dock crashes
- Latest: Jens55
- Today at 3:06 PM
Ubuntu forum
Linux on a Mac?
- Latest: Rocketing-warp9
- Today at 2:24 PM
Laptops / Netbooks
New to the whole Linux scene, have heard really great things figured I'd maybe give it a crack?
- Latest: MikeWalsh
- Today at 1:53 PM
Getting Started
HELP: Internet and Headphones not connecting after graphics card update
- Latest: beanburrito
- Today at 12:42 PM
Linux Networking

Top