GitHub Advisory DatabaseGHSA-W387-5QQW-7G8MContent-Security-Policy header generation in middleware could be compromised by malicious injections
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%
Impact
When the following conditions are met:
- Automated CSP headers generation for SSR content is enabled
- The web application serves content that can be partially controlled by external users
Then it is possible that the CSP headers generation feature might be “allow-listing” malicious injected resources like inlined JS, or references to external malicious scripts.
Patches
Available in version 1.3.0 .
Workarounds
- Do not enable CSP headers generation.
- Use it only for dynamically generated content that cannot be controlled by external users in any way.
References
Are there any links users can visit to find out more?
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kindspells | astro-shield | 1.2.0 | cpe:2.3:a:kindspells:astro-shield:1.2.0:*:*:*:*:*:*:* |
References
github.com/advisories/GHSA-w387-5qqw-7g8m
github.com/KindSpells/astro-shield/commit/41b84576d37fa486a57005ea297658d0bc38566d
github.com/KindSpells/astro-shield/commit/ad3abf5577bae9be420b7ddf376337a5b8817869
github.com/KindSpells/astro-shield/compare/1.2.0...1.3.0
github.com/KindSpells/astro-shield/security/advisories/GHSA-w387-5qqw-7g8m
nvd.nist.gov/vuln/detail/CVE-2024-29896
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%