CVE-2020-4054 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-4054 Interim 1 23 2023-02-10T01:17:22Z current 2021-05-30T14:36:03Z 2023-02-10T01:17:22Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-4054 In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized correctly even if math and svg are not in the allowlist. You are likely to be vulnerable to this issue if you use Sanitize's relaxed config or a custom config that allows one or more of the following HTML elements: iframe, math, noembed, noframes, noscript, plaintext, script, style, svg, xmp. Using carefully crafted input, an attacker may be able to sneak arbitrary HTML through Sanitize, potentially resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser. This has been fixed in 5.2.1. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise High Availability Extension 15 SUSE Linux Enterprise High Availability Extension 15 SP1 SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 ruby2.1-rubygem-rails-html-sanitizer ruby2.5-rubygem-rails-html-sanitizer rubygem-rails-html-sanitizer ruby2.5-rubygem-rails-html-sanitizer as a component of SUSE Linux Enterprise High Availability Extension 15 rubygem-rails-html-sanitizer as a component of SUSE Linux Enterprise High Availability Extension 15 ruby2.5-rubygem-rails-html-sanitizer as a component of SUSE Linux Enterprise High Availability Extension 15 SP1 rubygem-rails-html-sanitizer as a component of SUSE Linux Enterprise High Availability Extension 15 SP1 ruby2.5-rubygem-rails-html-sanitizer as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 rubygem-rails-html-sanitizer as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 ruby2.1-rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud 6-LTSS rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud 6-LTSS ruby2.1-rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud 7 rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud 7 ruby2.1-rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud Crowbar 8 rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud Crowbar 8 ruby2.1-rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud Crowbar 9 rubygem-rails-html-sanitizer as a component of SUSE OpenStack Cloud Crowbar 9 In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized correctly even if math and svg are not in the allowlist. You are likely to be vulnerable to this issue if you use Sanitize's relaxed config or a custom config that allows one or more of the following HTML elements: iframe, math, noembed, noframes, noscript, plaintext, script, style, svg, xmp. Using carefully crafted input, an attacker may be able to sneak arbitrary HTML through Sanitize, potentially resulting in XSS (cross-site scripting) or other undesired behavior when that HTML is rendered in a browser. This has been fixed in 5.2.1. CVE-2020-4054 SUSE Linux Enterprise High Availability Extension 15 SP1:ruby2.5-rubygem-rails-html-sanitizer SUSE Linux Enterprise High Availability Extension 15 SP1:rubygem-rails-html-sanitizer SUSE Linux Enterprise High Availability Extension 15 SP2:ruby2.5-rubygem-rails-html-sanitizer SUSE Linux Enterprise High Availability Extension 15 SP2:rubygem-rails-html-sanitizer SUSE Linux Enterprise High Availability Extension 15:ruby2.5-rubygem-rails-html-sanitizer SUSE Linux Enterprise High Availability Extension 15:rubygem-rails-html-sanitizer SUSE OpenStack Cloud 6-LTSS:ruby2.1-rubygem-rails-html-sanitizer SUSE OpenStack Cloud 6-LTSS:rubygem-rails-html-sanitizer SUSE OpenStack Cloud 7:ruby2.1-rubygem-rails-html-sanitizer SUSE OpenStack Cloud 7:rubygem-rails-html-sanitizer SUSE OpenStack Cloud Crowbar 8:ruby2.1-rubygem-rails-html-sanitizer SUSE OpenStack Cloud Crowbar 8:rubygem-rails-html-sanitizer SUSE OpenStack Cloud Crowbar 9:ruby2.1-rubygem-rails-html-sanitizer SUSE OpenStack Cloud Crowbar 9:rubygem-rails-html-sanitizer moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L