GSD-2018-8048
Vulnerability from gsd - Updated: 2018-03-16 00:00Details
Loofah allows non-whitelisted attributes to be present in sanitized
output when input with specially-crafted HTML fragments.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-8048",
"description": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.",
"id": "GSD-2018-8048",
"references": [
"https://www.suse.com/security/cve/CVE-2018-8048.html",
"https://www.debian.org/security/2018/dsa-4171",
"https://access.redhat.com/errata/RHSA-2019:0212"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "loofah",
"purl": "pkg:gem/loofah"
}
}
],
"aliases": [
"CVE-2018-8048",
"GHSA-x7rv-cr6v-4vm4"
],
"details": "Loofah allows non-whitelisted attributes to be present in sanitized\noutput when input with specially-crafted HTML fragments.\n",
"id": "GSD-2018-8048",
"modified": "2018-03-16T00:00:00.000Z",
"published": "2018-03-16T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/flavorjones/loofah/issues/144"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 6.1,
"type": "CVSS_V3"
}
],
"summary": "Loofah XSS Vulnerability"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/flavorjones/loofah/issues/144",
"refsource": "CONFIRM",
"url": "https://github.com/flavorjones/loofah/issues/144"
},
{
"name": "[oss-security] 20180319 [CVE-2018-8048] Loofah XSS Vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2018/03/19/5"
},
{
"name": "DSA-4171",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4171"
},
{
"name": "https://security.netapp.com/advisory/ntap-20191122-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20191122-0003/"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2018-8048",
"date": "2018-03-29",
"description": "[MRI] Behavior in libxml2 has been reverted which caused\nCVE-2018-8048 (loofah gem), CVE-2018-3740 (sanitize gem), and\nCVE-2018-3741 (rails-html-sanitizer gem). The commit in question is\nhere:\n\nhttps://github.com/GNOME/libxml2/commit/960f0e2\n\nand more information is available about this commit and its impact\nhere:\n\nhttps://github.com/flavorjones/loofah/issues/144\n\nThis release simply reverts the libxml2 commit in question to protect\nusers of Nokogiri\u0027s vendored libraries from similar vulnerabilities.\n\nIf you\u0027re offended by what happened here, I\u0027d kindly ask that you\ncomment on the upstream bug report here:\n\nhttps://bugzilla.gnome.org/show_bug.cgi?id=769760\n",
"gem": "nokogiri",
"patched_versions": [
"\u003e= 1.8.3"
],
"related": {
"cve": [
"2018-3740",
"2018-3741"
],
"url": [
"https://github.com/GNOME/libxml2/commit/960f0e2",
"https://bugzilla.gnome.org/show_bug.cgi?id=769760"
]
},
"title": "Revert libxml2 behavior in Nokogiri gem that could cause XSS",
"url": "https://github.com/sparklemotion/nokogiri/pull/1746"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c2.2.1",
"affected_versions": "All versions before 2.2.1",
"credit": "Shopify Application Security Team",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2019-11-22",
"description": "Loofah allows attributes that are not explicitly allowed to be present in sanitized output when input with specially-crafted HTML fragments.",
"fixed_versions": [
"2.2.1"
],
"identifier": "CVE-2018-8048",
"identifiers": [
"CVE-2018-8048"
],
"not_impacted": "JRuby environments",
"package_slug": "gem/loofah",
"pubdate": "2018-03-27",
"solution": "Upgrade to 2.2.1.",
"title": "XSS Vulnerability",
"urls": [
"https://github.com/flavorjones/loofah/issues/144"
],
"uuid": "30131569-843b-42af-9628-de66ecbab5d9"
},
{
"affected_range": "\u003c1.8.3",
"affected_versions": "All versions before 1.8.3",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2019-11-22",
"description": "In the Loofah gem for Ruby, denylisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.",
"fixed_versions": [
"1.8.3"
],
"identifier": "CVE-2018-8048",
"identifiers": [
"CVE-2018-8048"
],
"not_impacted": "All versions starting from 1.8.3",
"package_slug": "gem/nokogiri",
"pubdate": "2018-03-27",
"solution": "Upgrade to version 1.8.3 or above",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2018-8048"
],
"uuid": "3018fe66-9e8f-4329-8ef9-580f6b496dff"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:loofah_project:loofah:*:*:*:*:*:ruby:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-8048"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/flavorjones/loofah/issues/144",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/flavorjones/loofah/issues/144"
},
{
"name": "[oss-security] 20180319 [CVE-2018-8048] Loofah XSS Vulnerability",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2018/03/19/5"
},
{
"name": "DSA-4171",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4171"
},
{
"name": "https://security.netapp.com/advisory/ntap-20191122-0003/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20191122-0003/"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
},
"lastModifiedDate": "2019-11-22T09:15Z",
"publishedDate": "2018-03-27T17:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…