Lucene search

GitHub Advisory DatabaseGHSA-79XF-67R4-Q2JJ

HistoryApr 11, 2023 - 6:30 a.m.

safe-eval vulnerable to Sandbox Bypass due to improper input sanitization

2023-04-1106:30:29

CWE-1321

GitHub Advisory Database

github.com

vulnerable

sandbox bypass

prototype pollution

rce

definegetter

stack

tolocalestring

propertyisenumerable.call

valueof

software

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

0.009 Low

EPSS

Percentile

83.2%

JSON

All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution (RCE).

Vulnerable functions:

defineGetter, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().

Affected configurations

Vulners

Node

safefme_serverRange≤0.4.2

CPENameOperatorVersion
safe-evalle0.4.2

CPE	Name	Operator	Version
	safe-eval	le	0.4.2

References

gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce

github.com/advisories/GHSA-79xf-67r4-q2jj

github.com/hacksparrow/safe-eval/issues/27

github.com/hacksparrow/safe-eval/issues/31

github.com/hacksparrow/safe-eval/issues/32

github.com/hacksparrow/safe-eval/issues/33

github.com/hacksparrow/safe-eval/issues/34

github.com/hacksparrow/safe-eval/issues/35

nvd.nist.gov/vuln/detail/CVE-2023-26122

security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for GHSA-79XF-67R4-Q2JJ