CVE-2020-4054

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-4054
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-4054.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-4054
Aliases
Related
Published
2020-06-16T22:15:10Z
Modified
2025-01-15T01:45:44.847628Z
Severity
  • 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized correctly even if math and svg are not in the allowlist. You are likely to be vulnerable to this issue if you use Sanitize's relaxed config or a custom config that allows one or more of the following HTML elements: iframe, math, noembed, noframes, noscript, plaintext, script, style, svg, xmp. Using carefully crafted input, an attacker may be able to sneak arbitrary HTML through Sanitize, potentially resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser. This has been fixed in 5.2.1.

References

Affected packages

Debian:11 / ruby-sanitize

Package

Name
ruby-sanitize
Purl
pkg:deb/debian/ruby-sanitize?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.6.6-2.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ruby-sanitize

Package

Name
ruby-sanitize
Purl
pkg:deb/debian/ruby-sanitize?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.6.6-2.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / ruby-sanitize

Package

Name
ruby-sanitize
Purl
pkg:deb/debian/ruby-sanitize?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.6.6-2.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/rgrove/sanitize

Affected ranges

Type
GIT
Repo
https://github.com/rgrove/sanitize
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

release-1.*

release-1.0.0
release-1.0.1
release-1.0.2
release-1.0.3
release-1.0.4
release-1.0.5
release-1.0.6
release-1.0.7
release-1.0.8
release-1.1.0
release-1.2.0
release-1.2.1

release-2.*

release-2.0.0
release-2.0.1
release-2.0.2

v2.*

v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.1.0

v3.*

v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.1.0
v3.1.1
v3.1.2

v4.*

v4.0.0
v4.0.1
v4.1.0
v4.2.0
v4.3.0
v4.4.0
v4.5.0
v4.6.0
v4.6.1
v4.6.2
v4.6.3
v4.6.4
v4.6.5
v4.6.6

v5.*

v5.0.0
v5.1.0
v5.2.0