Vulnerabilites related to apostrophecms - sanitize-html
cve-2021-26539
Vulnerability from cvelistv5
Published
2021-02-08 16:16
Modified
2024-08-03 20:26
Severity ?
EPSS score ?
Summary
Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the "allowedIframeHostnames" option.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22 | x_refsource_MISC | |
| https://github.com/apostrophecms/sanitize-html/pull/458 | x_refsource_MISC | |
| https://advisory.checkmarx.net/advisory/CX-2021-4308 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:26:25.401Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/apostrophecms/sanitize-html/pull/458", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4308", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-25T22:07:49", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/apostrophecms/sanitize-html/pull/458", }, { tags: [ "x_refsource_MISC", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4308", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-26539", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22", refsource: "MISC", url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22", }, { name: "https://github.com/apostrophecms/sanitize-html/pull/458", refsource: "MISC", url: "https://github.com/apostrophecms/sanitize-html/pull/458", }, { name: "https://advisory.checkmarx.net/advisory/CX-2021-4308", refsource: "MISC", url: "https://advisory.checkmarx.net/advisory/CX-2021-4308", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-26539", datePublished: "2021-02-08T16:16:06", dateReserved: "2021-02-01T00:00:00", dateUpdated: "2024-08-03T20:26:25.401Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25887
Vulnerability from cvelistv5
Published
2022-08-30 05:00
Modified
2024-09-17 03:07
Severity ?
EPSS score ?
Summary
The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526 | x_refsource_MISC | |
| https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102 | x_refsource_MISC | |
| https://github.com/apostrophecms/sanitize-html/pull/557 | x_refsource_MISC | |
| https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | sanitize-html |
Version: unspecified < 2.7.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:49:44.330Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/apostrophecms/sanitize-html/pull/557", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "sanitize-html", vendor: "n/a", versions: [ { lessThan: "2.7.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Nariyoshi Chida of NTT Security Japan", }, ], datePublic: "2022-08-30T00:00:00", descriptions: [ { lang: "en", value: "The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Regular Expression Denial of Service (ReDoS)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-30T05:00:20", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526", }, { tags: [ "x_refsource_MISC", ], url: "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/apostrophecms/sanitize-html/pull/557", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", }, ], title: "Regular Expression Denial of Service (ReDoS)", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2022-08-30T05:00:02.403842Z", ID: "CVE-2022-25887", STATE: "PUBLIC", TITLE: "Regular Expression Denial of Service (ReDoS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "sanitize-html", version: { version_data: [ { version_affected: "<", version_value: "2.7.1", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Nariyoshi Chida of NTT Security Japan", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Regular Expression Denial of Service (ReDoS)", }, ], }, ], }, references: { reference_data: [ { name: "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526", refsource: "MISC", url: "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526", }, { name: "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102", refsource: "MISC", url: "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102", }, { name: "https://github.com/apostrophecms/sanitize-html/pull/557", refsource: "MISC", url: "https://github.com/apostrophecms/sanitize-html/pull/557", }, { name: "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", refsource: "MISC", url: "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2022-25887", datePublished: "2022-08-30T05:00:20.149607Z", dateReserved: "2022-02-24T00:00:00", dateUpdated: "2024-09-17T03:07:00.082Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-26540
Vulnerability from cvelistv5
Published
2021-02-08 16:16
Modified
2024-08-03 20:26
Severity ?
EPSS score ?
Summary
Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the "allowedIframeHostnames" option when the "allowIframeRelativeUrls" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with "/\\example.com".
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26 | x_refsource_MISC | |
| https://github.com/apostrophecms/sanitize-html/pull/460 | x_refsource_MISC | |
| https://advisory.checkmarx.net/advisory/CX-2021-4309 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T20:26:25.388Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/apostrophecms/sanitize-html/pull/460", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-25T22:01:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/apostrophecms/sanitize-html/pull/460", }, { tags: [ "x_refsource_MISC", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4309", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-26540", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26", refsource: "MISC", url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26", }, { name: "https://github.com/apostrophecms/sanitize-html/pull/460", refsource: "MISC", url: "https://github.com/apostrophecms/sanitize-html/pull/460", }, { name: "https://advisory.checkmarx.net/advisory/CX-2021-4309", refsource: "MISC", url: "https://advisory.checkmarx.net/advisory/CX-2021-4309", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-26540", datePublished: "2021-02-08T16:16:07", dateReserved: "2021-02-01T00:00:00", dateUpdated: "2024-08-03T20:26:25.388Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-1000237
Vulnerability from cvelistv5
Published
2020-01-23 14:21
Modified
2024-08-06 03:55
Severity ?
EPSS score ?
Summary
sanitize-html before 1.4.3 has XSS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json | x_refsource_MISC | |
| https://nodesecurity.io/advisories/135 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:55:27.115Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nodesecurity.io/advisories/135", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "sanitize-html before 1.4.3 has XSS.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-23T14:21:28", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", }, { tags: [ "x_refsource_MISC", ], url: "https://nodesecurity.io/advisories/135", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-1000237", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "sanitize-html before 1.4.3 has XSS.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", refsource: "MISC", url: "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", }, { name: "https://nodesecurity.io/advisories/135", refsource: "MISC", url: "https://nodesecurity.io/advisories/135", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-1000237", datePublished: "2020-01-23T14:21:28", dateReserved: "2016-09-20T00:00:00", dateUpdated: "2024-08-06T03:55:27.115Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-02-08 17:15
Modified
2024-11-21 05:56
Severity ?
Summary
Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the "allowedIframeHostnames" option when the "allowIframeRelativeUrls" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with "/\\example.com".
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://advisory.checkmarx.net/advisory/CX-2021-4309 | Exploit, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/apostrophecms/sanitize-html/pull/460 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://advisory.checkmarx.net/advisory/CX-2021-4309 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apostrophecms/sanitize-html/pull/460 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apostrophecms | sanitize-html | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apostrophecms:sanitize-html:*:*:*:*:*:node.js:*:*", matchCriteriaId: "1366C9FC-2776-4497-90A4-4B117CB54561", versionEndExcluding: "2.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apostrophe Technologies sanitize-html before 2.3.2 does not properly validate the hostnames set by the \"allowedIframeHostnames\" option when the \"allowIframeRelativeUrls\" is set to true, which allows attackers to bypass hostname whitelist for iframe element, related using an src value that starts with \"/\\\\example.com\".", }, { lang: "es", value: "Apostrophe Technologies sanitize-html versiones anteriores a 2.3.2 no comprueba correctamente los nombres de host establecidos por la opción \"allowedIframeHostnames\" cuando \"allowIframeRelativeUrls\" se establece en true, lo que permite a atacantes omitir la lista blanca de nombres de host para el elemento iframe, relacionado con un valor src que comienza con \"/\\\\example.com\"", }, ], id: "CVE-2021-26540", lastModified: "2024-11-21T05:56:26.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-08T17:15:13.737", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4309", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/pull/460", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#232-2021-01-26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/pull/460", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-01-23 15:15
Modified
2024-11-21 02:43
Severity ?
Summary
sanitize-html before 1.4.3 has XSS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apostrophecms | sanitize-html | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apostrophecms:sanitize-html:*:*:*:*:*:node.js:*:*", matchCriteriaId: "5A91FD92-623A-45E5-8B48-AB98469E50D4", versionEndExcluding: "1.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "sanitize-html before 1.4.3 has XSS.", }, { lang: "es", value: "sanitize-html versiones anteriores a 1.4.3, presenta una vulnerabilidad de tipo XSS.", }, ], id: "CVE-2016-1000237", lastModified: "2024-11-21T02:43:01.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-23T15:15:13.160", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://nodesecurity.io/advisories/135", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://nodesecurity.io/advisories/135", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000237.json", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-08 17:15
Modified
2024-11-21 05:56
Severity ?
Summary
Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the "allowedIframeHostnames" option.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://advisory.checkmarx.net/advisory/CX-2021-4308 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22 | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/apostrophecms/sanitize-html/pull/458 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://advisory.checkmarx.net/advisory/CX-2021-4308 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/apostrophecms/sanitize-html/pull/458 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apostrophecms | sanitize-html | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apostrophecms:sanitize-html:*:*:*:*:*:node.js:*:*", matchCriteriaId: "6A1A1822-184A-4E07-AB5C-C15089BD3EED", versionEndExcluding: "2.3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.", }, { lang: "es", value: "Apostrophe Technologies sanitize-html antes de 2.3.1, no maneja apropiadamente los nombres de dominio internacionalizados (IDN), lo que podría permitir a un atacante omitir la validación de la lista blanca de nombres de host establecida por la opción \"allowedIframeHostnames\"", }, ], id: "CVE-2021-26539", lastModified: "2024-11-21T05:56:26.517", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-08T17:15:13.673", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4308", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/pull/458", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://advisory.checkmarx.net/advisory/CX-2021-4308", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md#231-2021-01-22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/pull/458", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-08-30 05:15
Modified
2024-11-21 06:53
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apostrophecms | sanitize-html | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apostrophecms:sanitize-html:*:*:*:*:*:node.js:*:*", matchCriteriaId: "07CE3D84-F7A6-47CA-83D7-7A91E58D47B8", versionEndExcluding: "2.7.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.", }, { lang: "es", value: "El paquete sanitize-html versiones anteriores a 2.7.1, es vulnerable a una Denegación de Servicio por Expresión Regular (ReDoS) debido a una inseguridad de la lógica de reemplazo global de expresiones regulares en la eliminación de comentarios HTML", }, ], id: "CVE-2022-25887", lastModified: "2024-11-21T06:53:09.953", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "report@snyk.io", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-30T05:15:07.727", references: [ { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", }, { source: "report@snyk.io", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/pull/557", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102", }, { source: "report@snyk.io", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/apostrophecms/sanitize-html/pull/557", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1333", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }