CVE-2021-28957

medium
Published 2021-03-22 · Modified 2021-11-09
CVSS v3
—
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS v4 NEW
—
not yet in upstream
VIR risk
5.5

Description

RHSA-2021:4162: python38:3.8 and python38-devel:3.8 security update (Moderate)

Predictions

Exploit likelihood
30%
Patch ETA
—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata (Red Hat Inc.) · Open-Errata-API


Description

python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS

Red Hat statement

Web applications vulnerable to this flaw, where an XSS attack can be accomplished, are only those that use python-lxml to sanitize HTML input and that allow user data to be placed in the "formaction" attribute of a form button. In Red Hat OpenStack Platform, because the flaw has a lower impact and the package is unlikely to be exploited in the RHOSP environment, no update will be provided at this time for the RHOSP python-lxml package. For Ansible Tower and Ansible Automation Platform, the impact is lowered from Moderate to Low, as the vulnerable function (lxml HTML Cleaner) and the vulnerable attribute (HTML formaction) are not being used.

CVSS v3: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

Errata / fixed releases

Product | Package | Advisory | Released
Red Hat Enterprise Linux 8 | python27:2.7-8050020210811095446.3e7ace8b | RHSA-2021:4151 | 2021-11-09T00:00:00Z
Red Hat Enterprise Linux 8 | python-lxml-0:4.2.3-3.el8 | RHSA-2021:4158 | 2021-11-09T00:00:00Z
Red Hat Enterprise Linux 8 | python39:3.9-8050020210811100211.d428a79b | RHSA-2021:4160 | 2021-11-09T00:00:00Z
Red Hat Enterprise Linux 8 | python39-devel:3.9-8050020210811100211.d428a79b | RHSA-2021:4160 | 2021-11-09T00:00:00Z
Red Hat Enterprise Linux 8 | python38:3.8-8050020210811101222.e3d35cca | RHSA-2021:4162 | 2021-11-09T00:00:00Z
Red Hat Enterprise Linux 8 | python38-devel:3.8-8050020210811101222.e3d35cca | RHSA-2021:4162 | 2021-11-09T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-python38-babel-0:2.7.0-12.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-python38-python-0:3.8.11-2.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-python38-python-cryptography-0:2.8-5.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-python38-python-jinja2-0:2.10.3-6.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-python38-python-lxml-0:4.4.1-7.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-python38-python-pip-0:19.3.1-2.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-python38-python-urllib3-0:1.25.7-7.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-python38-babel-0:2.7.0-12.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-python38-python-0:3.8.11-2.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-python38-python-cryptography-0:2.8-5.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-python38-python-jinja2-0:2.10.3-6.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-python38-python-lxml-0:4.4.1-7.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-python38-python-pip-0:19.3.1-2.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-python38-python-urllib3-0:1.25.7-7.el7 | RHSA-2021:3254 | 2021-08-24T00:00:00Z

Package state

Product | Package | State
Red Hat Ansible Automation Platform 1.2 | lxml | Affected
Red Hat Ansible Tower 3 | lxml | Out of support scope
Red Hat Enterprise Linux 6 | python-lxml | Out of support scope
Red Hat Enterprise Linux 7 | python-lxml | Out of support scope
Red Hat Enterprise Linux 9 | python-lxml | Not affected
Red Hat OpenStack Platform 10 (Newton) | python-lxml | Out of support scope
Red Hat OpenStack Platform 13 (Queens) | python-lxml | Will not fix

Apply commands

Apply RHSA-2021:4151 for Red Hat Enterprise Linux 8 (bash):

    yum update -y python27:2
    # or:
    dnf upgrade -y python27:2

Affected

Vendor | Product | Version
redhat | Red Hat Ansible Automation Platform 1.2 | Affected
redhat | Red Hat Enterprise Linux 9 | Not affected

OS impact

OS | Version | Status | Fixed in
arch | arch | fixed | 4.6.3-1
suse | sles | affected |
rockylinux | rocky8 | fixed |
debian | debianbookworm | fixed | 4.6.3-1
debian | debianbullseye | fixed | 4.6.3-1
debian | debianforky | fixed | 4.6.3-1
debian | debiansid | fixed | 4.6.3-1
debian | debiantrixie | fixed | 4.6.3-1
redhat | rhel8 | fixed |

Package impact

Ecosystem | Package | Vulnerable | Fixed
python PyPI | lxml | <4.6.3 | 4.6.3
python PyPI | lxml | <a5f9cb52079dc57477c460dbe6ba0f775e14a999 || <4.6.3 | a5f9cb52079dc57477c460dbe6ba0f775e14a999
