Lucene search

Veracode Vulnerability DatabaseVERACODE:46012

HistoryMar 26, 2024 - 11:53 a.m.

Code Injection

2024-03-2611:53:01

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

getgrav

grav

code injection

twig extension

vulnerability

unrestricted access

arbitrary commands

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

getgrav/grav is vulnerable to Code Injection. The vulnerability is due to unrestricted access to the twig extension class from the Grav context within twig.php, which allows attackers to redefine the escape function and execute arbitrary commands.

CPENameOperatorVersion
getgrav/gravle1.7.44
getgrav/gravle1.7.44

CPE	Name	Operator	Version
	getgrav/grav	le	1.7.44
	getgrav/grav	le	1.7.44

References

github.com/getgrav/grav/commit/de1ccfa12dbcbf526104d68c1a6bc202a98698fe

github.com/getgrav/grav/security/advisories/GHSA-2m7x-c7px-hp58

github.com/twigphp/Twig/blob/3.x/src/Extension/EscaperExtension.php#L99

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Related for VERACODE:46012