Bug 2318700 (CVE-2024-21535)

Summary: CVE-2024-21535 markdown-to-jsx: Cross-site Scripting vulnerability in markdown-to-jsx
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: alcohan, cdaley, gparvin, jchui, jkoehler, ktsao, lbainbri, lbalhar, nboldt, njean, owatkins, pahickey, rhaigner, rtaniwa, tkral
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in markdown-to-jsx. This vulnerability allows an attacker to execute arbitrary code via Cross-site scripting (XSS) through the src property by injecting a malicious iframe element into the markdown.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2318703, 2318704    
Bug Blocks:    

Description OSIDB Bzimport 2024-10-15 06:01:10 UTC 
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) via the src property due to improper input sanitization. An attacker can execute arbitrary code by injecting a malicious iframe element in the markdown.
Comment 1 Lumír Balhar 2024-10-15 10:04:02 UTC 
Reported upstream for jupyterlab: https://github.com/jupyterlab/jupyterlab/issues/16864
Comment 2 Lumír Balhar 2024-10-16 08:57:48 UTC 
Fixed upstream in https://github.com/jupyterlab/jupyterlab/commit/e707512050c9b54e4a7a76c313f64cf0a9c4abc2 I'm waiting for the next release.