Search for packages
| purl | pkg:gem/RedCloth@4.3.0 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5wd2-9wcr-ayg4
Aliases: CVE-2023-31606 GHSA-qcm3-vfq5-wfr2 |
Inefficient Regular Expression Complexity A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-4key-48mr-13f4 | Textile Link Parsing XSS RedCloth Gem for Ruby contains a flaw that allows a cross-site scripting (XSS) attack. This flaw exists because the program does not validate input when parsing textile links before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. |
CVE-2012-6684
GHSA-r23g-3qw4-gfh2 OSV-115941 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-01T07:28:18.137508+00:00 | GitLab Importer | Affected by | VCID-5wd2-9wcr-ayg4 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/RedCloth/CVE-2023-31606.yml | 38.6.0 |
| 2026-05-31T10:58:26.918421+00:00 | GithubOSV Importer | Fixing | VCID-4key-48mr-13f4 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-r23g-3qw4-gfh2/GHSA-r23g-3qw4-gfh2.json | 38.6.0 |
| 2026-05-31T10:18:50.682758+00:00 | Ruby Importer | Affected by | VCID-5wd2-9wcr-ayg4 | https://github.com/rubysec/ruby-advisory-db/blob/master/gems/RedCloth/CVE-2023-31606.yml | 38.6.0 |
| 2026-05-30T20:52:12.116543+00:00 | GitLab Importer | Fixing | VCID-4key-48mr-13f4 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/RedCloth/CVE-2012-6684.yml | 38.6.0 |