Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Force loofah 2.3 in response to CVE-2018-8048
- The report actually says: "loofah gem 2.13.0 is vulnerable (CVE-2018-8048). Upgrade to 2.2.1." - On closer inspection, you'll see that 2.2.1 is a *downgrade* from 2.13.0 A known issue: flavorjones/loofah#209
- Loading branch information