Lucene search

GitHub Advisory DatabaseGHSA-6722-XVQ8-3254

HistoryMar 06, 2023 - 6:30 a.m.

SketchSVG Arbitrary Code Injection vulnerability

2023-03-0606:30:18

CWE-94

GitHub Advisory Database

github.com

arbitrary code injection

sketchsvg

package vulnerability

shell.exec

command string concatenation

current directory

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

All versions of the package sketchsvg are vulnerable to Arbitrary Code Injection when invoking shell.exec without sanitization nor parametrization while concatenating the current directory as part of the command string.

Affected configurations

Vulners

Node

ebaysketchsvgRange≤0.0.1

VendorProductVersionCPE
ebaysketchsvg*cpe:2.3:a:ebay:sketchsvg:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ebay	sketchsvg	*	cpe:2.3:a:ebay:sketchsvg::::::::

References

github.com/advisories/GHSA-6722-xvq8-3254

github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js#23L115

github.com/eBay/SketchSVG/blob/dd1036648f0f320a3187ef79d506b676b9eb87a6/lib/index.js#23L64

nvd.nist.gov/vuln/detail/CVE-2023-26107

security.snyk.io/vuln/SNYK-JS-SKETCHSVG-3167969

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

Related for GHSA-6722-XVQ8-3254