diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-06-01 10:45:09 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-06-01 10:45:09 +0200 |
commit | df4563ecaf9b30119f3b42bfe1440a450349ff02 (patch) | |
tree | e6462d7846ea2d9ca385f47af35c96c5c83d00e2 /data/CVE/list.2018 | |
parent | 69aefd8938b2fa7bdf662372e1ec3c4c276b8b84 (diff) |
Mark CVE-2018-3741/ruby-rails-html-sanitizer as no-dsa
Diffstat (limited to 'data/CVE/list.2018')
-rw-r--r-- | data/CVE/list.2018 | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2018 b/data/CVE/list.2018 index b7a3a25bd1..18eb81126e 100644 --- a/data/CVE/list.2018 +++ b/data/CVE/list.2018 @@ -46348,6 +46348,7 @@ CVE-2018-3742 REJECTED CVE-2018-3741 (There is a possible XSS vulnerability in all rails-html-sanitizer gem ...) - ruby-rails-html-sanitizer 1.0.4-1 (bug #893994) + [stretch] - ruby-rails-html-sanitizer <no-dsa> (Minor issue; can be fixed via point release) NOTE: https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae CVE-2018-3740 (A specially crafted HTML fragment can cause Sanitize gem for Ruby to a ...) {DSA-4358-1} |