gsd-2018-8048
Vulnerability from gsd
Modified
2018-03-16 00:00
Details
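Loofah allows non-whitelisted attributes to be present in sanitized output when the input contains specially crafted HTML fragments. The record below classifies this as cross-site scripting (CWE-79) and lists Loofah 2.2.1 as the fixed version. The underlying libxml2 behaviour is reverted in Nokogiri 1.8.3 and later, and JRuby environments are listed as not impacted. The OSV `affected` entry carries no version range, so take the affected range from the GitLab and NVD sections instead.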
Aliases



{
  "GSD": {
    "alias": "CVE-2018-8048",
    "description": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.",
    "id": "GSD-2018-8048",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-8048.html",
      "https://www.debian.org/security/2018/dsa-4171",
      "https://access.redhat.com/errata/RHSA-2019:0212"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "loofah",
            "purl": "pkg:gem/loofah"
          }
        }
      ],
      "aliases": [
        "CVE-2018-8048",
        "GHSA-x7rv-cr6v-4vm4"
      ],
      "details": "Loofah allows non-whitelisted attributes to be present in sanitized\noutput when input with specially-crafted HTML fragments.\n",
      "id": "GSD-2018-8048",
      "modified": "2018-03-16T00:00:00.000Z",
      "published": "2018-03-16T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://github.com/flavorjones/loofah/issues/144"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": 6.1,
          "type": "CVSS_V3"
        }
      ],
      "summary": "Loofah XSS Vulnerability"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2018-8048",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/flavorjones/loofah/issues/144",
            "refsource": "CONFIRM",
            "url": "https://github.com/flavorjones/loofah/issues/144"
          },
          {
            "name": "[oss-security] 20180319 [CVE-2018-8048] Loofah XSS Vulnerability",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2018/03/19/5"
          },
          {
            "name": "DSA-4171",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2018/dsa-4171"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20191122-0003/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20191122-0003/"
          }
        ]
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2018-8048",
      "date": "2018-03-29",
      "description": "[MRI] Behavior in libxml2 has been reverted which caused\nCVE-2018-8048 (loofah gem), CVE-2018-3740 (sanitize gem), and\nCVE-2018-3741 (rails-html-sanitizer gem). The commit in question is\nhere:\n\nhttps://github.com/GNOME/libxml2/commit/960f0e2\n\nand more information is available about this commit and its impact\nhere:\n\nhttps://github.com/flavorjones/loofah/issues/144\n\nThis release simply reverts the libxml2 commit in question to protect\nusers of Nokogiri\u0027s vendored libraries from similar vulnerabilities.\n\nIf you\u0027re offended by what happened here, I\u0027d kindly ask that you\ncomment on the upstream bug report here:\n\nhttps://bugzilla.gnome.org/show_bug.cgi?id=769760\n",
      "gem": "nokogiri",
      "patched_versions": [
        "\u003e= 1.8.3"
      ],
      "related": {
        "cve": [
          "2018-3740",
          "2018-3741"
        ],
        "url": [
          "https://github.com/GNOME/libxml2/commit/960f0e2",
          "https://bugzilla.gnome.org/show_bug.cgi?id=769760"
        ]
      },
      "title": "Revert libxml2 behavior in Nokogiri gem that could cause XSS",
      "url": "https://github.com/sparklemotion/nokogiri/pull/1746"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c2.2.1",
          "affected_versions": "All versions before 2.2.1",
          "credit": "Shopify Application Security Team",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2019-11-22",
          "description": "Loofah allows attributes that are not explicitly allowed to be present in sanitized output when input with specially-crafted HTML fragments.",
          "fixed_versions": [
            "2.2.1"
          ],
          "identifier": "CVE-2018-8048",
          "identifiers": [
            "CVE-2018-8048"
          ],
          "not_impacted": "JRuby environments",
          "package_slug": "gem/loofah",
          "pubdate": "2018-03-27",
          "solution": "Upgrade to 2.2.1.",
          "title": "XSS Vulnerability",
          "urls": [
            "https://github.com/flavorjones/loofah/issues/144"
          ],
          "uuid": "30131569-843b-42af-9628-de66ecbab5d9"
        },
        {
          "affected_range": "\u003c1.8.3",
          "affected_versions": "All versions before 1.8.3",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2019-11-22",
          "description": "In the Loofah gem for Ruby, denylisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.",
          "fixed_versions": [
            "1.8.3"
          ],
          "identifier": "CVE-2018-8048",
          "identifiers": [
            "CVE-2018-8048"
          ],
          "not_impacted": "All versions starting from 1.8.3",
          "package_slug": "gem/nokogiri",
          "pubdate": "2018-03-27",
          "solution": "Upgrade to version 1.8.3 or above",
          "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-8048"
          ],
          "uuid": "3018fe66-9e8f-4329-8ef9-580f6b496dff"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:loofah_project:loofah:*:*:*:*:*:ruby:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.2.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-8048"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/flavorjones/loofah/issues/144",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/flavorjones/loofah/issues/144"
            },
            {
              "name": "[oss-security] 20180319 [CVE-2018-8048] Loofah XSS Vulnerability",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2018/03/19/5"
            },
            {
              "name": "DSA-4171",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4171"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20191122-0003/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20191122-0003/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2019-11-22T09:15Z",
      "publishedDate": "2018-03-27T17:29Z"
    }
  }
}







Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.