VulnerableCode Package Details - pkg:gem/phlex@2.1.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:gem/phlex@2.1.2

purl	pkg:gem/phlex@2.1.2

Next non-vulnerable version	2.1.3
Latest non-vulnerable version	2.4.1
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-br68-6fft-8ber Aliases: GHSA-w67g-2h6v-vjgq	Phlex XSS protection bypass via attribute splatting, dynamic tags, and href values	2.1.3 Affected by 0 other vulnerabilities. 2.2.2 Affected by 0 other vulnerabilities. 2.3.2 Affected by 0 other vulnerabilities. 2.4.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-br68-6fft-8ber
Aliases:
GHSA-w67g-2h6v-vjgq

Phlex XSS protection bypass via attribute splatting, dynamic tags, and href values

2.1.3
Affected by 0 other vulnerabilities.

2.2.2
Affected by 0 other vulnerabilities.

2.3.2
Affected by 0 other vulnerabilities.

2.4.1
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T20:57:09.743368+00:00	GitLab Importer	Affected by	VCID-br68-6fft-8ber	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/phlex/GHSA-w67g-2h6v-vjgq.yml	38.6.0