This project is forked from owasp/nodegoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
Home Page: https://www.owasp.org/index.php/Projects/OWASP_Node_js_Goat_Project
License: Apache License 2.0
JavaScript 39.21%
HTML 60.52%
Dockerfile 0.25%
Procfile 0.02%
nodegoat's Issues
Vulnerable Library - tough-cookie-2.2.2.tgz
RFC6265 Cookies and Cookie Jar for node.js
Library home page: https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.2.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/grunt-retire/node_modules/tough-cookie/package.json
Dependency Hierarchy:
grunt-retire-0.3.12.tgz (Root Library)
request-2.67.0.tgz
❌ tough-cookie-2.2.2.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appears to be exploitable via a custom HTTP header passed by the client. This vulnerability appears to have been fixed in 2.3.0.
Publish Date: 2018-09-05
URL: CVE-2016-1000232
CVSS 3 Score Details (5.3)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/130
Release Date: 2018-09-05
Fix Resolution: 2.3.0
CVE-2019-16776 - High Severity Vulnerability
Vulnerable Library - npm-3.10.10.tgz
a package manager for JavaScript
Library home page: https://registry.npmjs.org/npm/-/npm-3.10.10.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
❌ npm-3.10.10.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field would allow a package publisher to modify and/or gain access to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
Publish Date: 2019-12-13
URL: CVE-2019-16776
CVSS 3 Score Details (8.1)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
Release Date: 2019-12-13
Fix Resolution: npm - 6.13.3;yarn - 1.21.1
CVE-2019-10744 - High Severity Vulnerability
Vulnerable Libraries - lodash-4.17.11.tgz, lodash-2.4.2.tgz, lodash-4.13.1.tgz
lodash-4.17.11.tgz
Lodash modular utilities.
Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/lodash/package.json
Dependency Hierarchy:
async-2.6.1.tgz (Root Library)
❌ lodash-4.17.11.tgz (Vulnerable Library)
lodash-2.4.2.tgz
A utility library delivering consistency, customization, performance, & extras.
Library home page: https://registry.npmjs.org/lodash/-/lodash-2.4.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/zaproxy/node_modules/lodash/package.json
Dependency Hierarchy:
zaproxy-0.2.0.tgz (Root Library)
❌ lodash-2.4.2.tgz (Vulnerable Library)
lodash-4.13.1.tgz
Lodash modular utilities.
Library home page: https://registry.npmjs.org/lodash/-/lodash-4.13.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/lodash/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-lib-instrument-1.1.0-alpha.4.tgz
babel-generator-6.11.4.tgz
❌ lodash-4.13.1.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
Publish Date: 2019-07-26
URL: CVE-2019-10744
CVSS 3 Score Details (9.1)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: GHSA-jf85-cpcp-j695
Release Date: 2019-07-08
Fix Resolution: lodash-4.17.12, lodash-amd-4.17.12, lodash-es-4.17.12, lodash.defaultsdeep-4.6.1, lodash.merge-4.6.2, lodash.mergewith-4.6.2, lodash.template-4.5.0
CVE-2014-10064 - High Severity Vulnerability
Vulnerable Library - qs-0.6.6.tgz
querystring parser
Library home page: https://registry.npmjs.org/qs/-/qs-0.6.6.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/zaproxy/node_modules/qs/package.json
Dependency Hierarchy:
zaproxy-0.2.0.tgz (Root Library)
request-2.36.0.tgz
❌ qs-0.6.6.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time. An attacker could leverage this to cause a temporary denial-of-service condition, for example, in a web application, other requests would not be processed while this blocking is occurring.
Publish Date: 2018-05-31
URL: CVE-2014-10064
CVSS 3 Score Details (7.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/28
Release Date: 2014-08-06
Fix Resolution: Update to version 1.0.0 or later
CVE-2018-21270 - Medium Severity Vulnerability
Vulnerable Library - stringstream-0.0.5.tgz
Encode and decode streams into string streams
Library home page: https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/request/node_modules/stringstream/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
request-2.75.0.tgz
❌ stringstream-0.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).
Publish Date: 2020-12-03
URL: CVE-2018-21270
CVSS 3 Score Details (6.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21270
Release Date: 2020-12-03
Fix Resolution: 0.0.6
WS-2019-0318 - High Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
In "showdownjs/showdown", versions prior to v4.4.5 are vulnerable against Regular expression Denial of Service (ReDOS) once receiving specially-crafted templates.
Publish Date: 2019-10-20
URL: WS-2019-0318
CVSS 3 Score Details (7.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1300
Release Date: 2019-12-01
Fix Resolution: handlebars - 4.4.5
CVE-2020-7662 - High Severity Vulnerability
Vulnerable Library - websocket-extensions-0.1.3.tgz
Generic extension manager for WebSocket connections
Library home page: https://registry.npmjs.org/websocket-extensions/-/websocket-extensions-0.1.3.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/websocket-extensions/package.json
Dependency Hierarchy:
grunt-contrib-watch-1.1.0.tgz (Root Library)
tiny-lr-1.1.1.tgz
faye-websocket-0.10.0.tgz
websocket-driver-0.7.0.tgz
❌ websocket-extensions-0.1.3.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.
Publish Date: 2020-06-02
URL: CVE-2020-7662
CVSS 3 Score Details (7.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7662
Release Date: 2020-06-02
Fix Resolution: websocket-extensions:0.1.4
WS-2020-0163 - Medium Severity Vulnerability
Vulnerable Library - marked-0.3.9.tgz
A markdown parser built for speed
Library home page: https://registry.npmjs.org/marked/-/marked-0.3.9.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/marked/package.json
Dependency Hierarchy:
❌ marked-0.3.9.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
marked before 1.1.1 is vulnerable to Regular Expression Denial of Service (REDoS). rules.js has multiple unused capture groups which can lead to a Denial of Service.
Publish Date: 2020-07-02
URL: WS-2020-0163
CVSS 3 Score Details (5.9)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://github.com/markedjs/marked/releases/tag/v1.1.1
Release Date: 2020-07-02
Fix Resolution: marked - 1.1.1
CVE-2020-7656 - Medium Severity Vulnerability
Vulnerable Library - jquery-1.4.4.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.4/jquery.min.js
Path to dependency file: NodeGoat/node_modules/selenium-webdriver/lib/test/data/droppableItems.html
Path to vulnerable library: NodeGoat/node_modules/selenium-webdriver/lib/test/data/js/jquery-1.4.4.min.js
Dependency Hierarchy:
❌ jquery-1.4.4.min.js (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.
Publish Date: 2020-05-19
URL: CVE-2020-7656
CVSS 3 Score Details (6.1)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: rails/jquery-rails@8f601cb
Release Date: 2020-05-19
Fix Resolution: jquery-rails - 2.2.0
WS-2019-0333 - High Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
In handlebars, versions prior to v4.5.3 are vulnerable to prototype pollution. Using a malicious template it's possible to add or modify properties to the Object prototype. This can also lead to DOS and RCE in certain conditions.
Publish Date: 2019-11-18
URL: WS-2019-0333
CVSS 3 Score Details (8.1)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1325
Release Date: 2019-12-05
Fix Resolution: handlebars - 4.5.3
CVE-2020-7610 - High Severity Vulnerability
Vulnerable Library - bson-1.0.9.tgz
A bson parser for node.js and the browser
Library home page: https://registry.npmjs.org/bson/-/bson-1.0.9.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/bson/package.json
Dependency Hierarchy:
mongodb-2.2.36.tgz (Root Library)
mongodb-core-2.1.20.tgz
❌ bson-1.0.9.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. The package will ignore an unknown value for an object's _bsotype, leading to cases where an object is serialized as a document rather than the intended BSON type.
Publish Date: 2020-03-30
URL: CVE-2020-7610
CVSS 3 Score Details (9.8)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://github.com/mongodb/js-bson/releases/tag/v1.1.4
Release Date: 2020-03-30
Fix Resolution: bson - 1.1.4
WS-2014-0005 - High Severity Vulnerability
Vulnerable Library - qs-0.6.6.tgz
querystring parser
Library home page: https://registry.npmjs.org/qs/-/qs-0.6.6.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/zaproxy/node_modules/qs/package.json
Dependency Hierarchy:
zaproxy-0.2.0.tgz (Root Library)
request-2.36.0.tgz
❌ qs-0.6.6.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Denial-of-Service Extended Event Loop Blocking. The qs module does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time.
Publish Date: 2014-07-31
URL: WS-2014-0005
CVSS 3 Score Details (7.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/qs_dos_extended_event_loop_blocking
Release Date: 2014-08-06
Fix Resolution: Update qs to version 1.0.0 or greater
CVE-2019-10795 - Medium Severity Vulnerability
Vulnerable Library - undefsafe-2.0.2.tgz
Undefined safe way of extracting object properties
Library home page: https://registry.npmjs.org/undefsafe/-/undefsafe-2.0.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/undefsafe/package.json
Dependency Hierarchy:
nodemon-1.19.1.tgz (Root Library)
❌ undefsafe-2.0.2.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
undefsafe before 2.0.3 is vulnerable to Prototype Pollution. The 'a' function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
Publish Date: 2020-02-18
URL: CVE-2019-10795
CVSS 3 Score Details (6.3)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10795
Release Date: 2020-02-18
Fix Resolution: 2.0.3
CVE-2019-16777 - Medium Severity Vulnerability
Vulnerable Library - npm-3.10.10.tgz
a package manager for JavaScript
Library home page: https://registry.npmjs.org/npm/-/npm-3.10.10.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
❌ npm-3.10.10.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries from being overwritten by other package installations. For example, if a package was installed globally and created a serve binary, any subsequent installs of packages that also create a serve binary would overwrite the previous serve binary. This behavior is still allowed in local installations and also through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
Publish Date: 2019-12-13
URL: CVE-2019-16777
CVSS 3 Score Details (6.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: High
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
Release Date: 2019-12-13
Fix Resolution: npm - 6.13.4
CVE-2017-15010 - High Severity Vulnerability
Vulnerable Libraries - tough-cookie-2.3.1.tgz, tough-cookie-2.2.2.tgz
tough-cookie-2.3.1.tgz
RFC6265 Cookies and Cookie Jar for node.js
Library home page: https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.3.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/request/node_modules/tough-cookie/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
request-2.75.0.tgz
❌ tough-cookie-2.3.1.tgz (Vulnerable Library)
tough-cookie-2.2.2.tgz
RFC6265 Cookies and Cookie Jar for node.js
Library home page: https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.2.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/grunt-retire/node_modules/tough-cookie/package.json
Dependency Hierarchy:
grunt-retire-0.3.12.tgz (Root Library)
request-2.67.0.tgz
❌ tough-cookie-2.2.2.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU.
Publish Date: 2017-10-04
URL: CVE-2017-15010
CVSS 3 Score Details (7.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-15010
Release Date: 2017-10-04
Fix Resolution: 2.3.3
CVE-2020-15095 - Medium Severity Vulnerability
Vulnerable Library - npm-3.10.10.tgz
a package manager for JavaScript
Library home page: https://registry.npmjs.org/npm/-/npm-3.10.10.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
❌ npm-3.10.10.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and is printed to stdout and also to any generated log files.
Publish Date: 2020-07-07
URL: CVE-2020-15095
CVSS 3 Score Details (4.4)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: None
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: GHSA-93f3-23rq-pjfp
Release Date: 2020-07-07
Fix Resolution: npm - 6.14.6
CVE-2018-16492 - High Severity Vulnerability
Vulnerable Library - extend-3.0.0.tgz
Port of jQuery.extend for node.js and the browser
Library home page: https://registry.npmjs.org/extend/-/extend-3.0.0.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/request/node_modules/extend/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
request-2.75.0.tgz
❌ extend-3.0.0.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype.
Publish Date: 2019-02-01
URL: CVE-2018-16492
CVSS 3 Score Details (9.8)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://hackerone.com/reports/381185
Release Date: 2019-02-01
Fix Resolution: extend - v3.0.2,v2.0.2
CVE-2018-20834 - High Severity Vulnerability
Vulnerable Library - tar-2.2.1.tgz
tar for node
Library home page: https://registry.npmjs.org/tar/-/tar-2.2.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/tar/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
❌ tar-2.2.1.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2). An Arbitrary File Overwrite issue exists when extracting a tarball containing a hardlink to a file that already exists on the system, in conjunction with a later plain file with the same name as the hardlink. This plain file content replaces the existing file content. A patch has been applied to node-tar v2.2.2.
Publish Date: 2019-04-30
URL: CVE-2018-20834
CVSS 3 Score Details (7.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: High
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20834
Release Date: 2019-04-30
Fix Resolution: tar - 2.2.2,4.4.2
CVE-2019-19919 - High Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
Publish Date: 2019-12-20
URL: CVE-2019-19919
CVSS 3 Score Details (9.8)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1164
Release Date: 2019-12-20
Fix Resolution: 4.3.0
WS-2018-0084 - High Severity Vulnerability
Vulnerable Library - sshpk-1.10.1.tgz
A library for finding and using SSH public keys
Library home page: https://registry.npmjs.org/sshpk/-/sshpk-1.10.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
request-2.75.0.tgz
http-signature-1.1.1.tgz
❌ sshpk-1.10.1.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of sshpk before 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.
Publish Date: 2018-04-25
URL: WS-2018-0084
CVSS 2 Score Details (8.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/606
Release Date: 2018-01-27
Fix Resolution: 1.14.1
WS-2019-0331 - Medium Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Arbitrary Code Execution vulnerability found in handlebars before 4.5.2. The lookup helper fails to validate templates. An attacker may submit templates that execute arbitrary JavaScript in the system.
Publish Date: 2019-11-13
URL: WS-2019-0331
CVSS 2 Score Details (5.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1316
Release Date: 2019-12-05
Fix Resolution: handlebars - 4.5.2
CVE-2018-3737 - High Severity Vulnerability
Vulnerable Library - sshpk-1.10.1.tgz
A library for finding and using SSH public keys
Library home page: https://registry.npmjs.org/sshpk/-/sshpk-1.10.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/request/node_modules/http-signature/node_modules/sshpk/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
request-2.75.0.tgz
http-signature-1.1.1.tgz
❌ sshpk-1.10.1.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
Publish Date: 2018-06-07
URL: CVE-2018-3737
CVSS 3 Score Details (7.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://hackerone.com/reports/319593
Release Date: 2018-06-07
Fix Resolution: 1.13.2
WS-2018-0076 - Medium Severity Vulnerability
Vulnerable Library - tunnel-agent-0.4.3.tgz
HTTP proxy tunneling agent. Formerly part of mikeal/request, now a standalone module.
Library home page: https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.4.3.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/tunnel-agent/package.json
Dependency Hierarchy:
grunt-retire-0.3.12.tgz (Root Library)
request-2.67.0.tgz
❌ tunnel-agent-0.4.3.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of tunnel-agent before 0.6.0 are vulnerable to memory exposure. This is exploitable if user-supplied input is provided to the auth value and is a number.
Publish Date: 2017-03-05
URL: WS-2018-0076
CVSS 3 Score Details (5.1 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: None
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/598
Release Date: 2018-01-27
Fix Resolution: 0.6.0
CVE-2019-20920 - High Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).
Publish Date: 2020-09-30
URL: CVE-2019-20920
CVSS 3 Score Details (8.1 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: Low
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1324
Release Date: 2020-10-15
Fix Resolution: handlebars - 4.5.3
CVE-2017-16138 - High Severity Vulnerability
Vulnerable Library - mime-1.2.11.tgz
A comprehensive library for mime-type mapping
Library home page: https://registry.npmjs.org/mime/-/mime-1.2.11.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/zaproxy/node_modules/mime/package.json
Dependency Hierarchy:
zaproxy-0.2.0.tgz (Root Library)
request-2.36.0.tgz
❌ mime-1.2.11.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
The mime module < 1.4.1, 2.0.1, 2.0.2 is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.
Publish Date: 2018-06-07
URL: CVE-2017-16138
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16138
Release Date: 2018-06-07
Fix Resolution: 1.4.1,2.0.3
CVE-2017-18077 - High Severity Vulnerability
Vulnerable Library - brace-expansion-1.1.6.tgz
Brace expansion as known from sh/bash
Library home page: https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.6.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/glob/node_modules/minimatch/node_modules/brace-expansion/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
read-package-json-2.0.4.tgz
glob-6.0.4.tgz
minimatch-3.0.3.tgz
❌ brace-expansion-1.1.6.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument containing many comma characters.
Publish Date: 2018-01-27
URL: CVE-2017-18077
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-18077
Release Date: 2018-01-27
Fix Resolution: 1.1.7
CVE-2016-10540 - High Severity Vulnerability
Vulnerable Library - minimatch-0.3.0.tgz
a glob matcher in javascript
Library home page: https://registry.npmjs.org/minimatch/-/minimatch-0.3.0.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/mocha/node_modules/minimatch/package.json
Dependency Hierarchy:
mocha-2.5.3.tgz (Root Library)
glob-3.2.11.tgz
❌ minimatch-0.3.0.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. The primary function, minimatch(path, pattern), in Minimatch 3.0.1 and earlier is vulnerable to ReDoS in the pattern parameter.
Publish Date: 2018-05-31
URL: CVE-2016-10540
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/118
Release Date: 2016-06-20
Fix Resolution: Update to version 3.0.2 or later.
CVE-2019-20922 - High Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. The parser may be forced into an endless loop while processing crafted templates. This may allow attackers to exhaust system resources.
Publish Date: 2020-09-30
URL: CVE-2019-20922
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1300
Release Date: 2020-10-07
Fix Resolution: handlebars - 4.4.5
CVE-2019-10746 - High Severity Vulnerability
Vulnerable Library - mixin-deep-1.3.1.tgz
Deeply mix the properties of objects into the first object. Like merge-deep, but doesn't clone.
Library home page: https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/mixin-deep/package.json
Dependency Hierarchy:
nodemon-1.19.1.tgz (Root Library)
chokidar-2.1.6.tgz
braces-2.3.2.tgz
snapdragon-0.8.2.tgz
base-0.11.2.tgz
❌ mixin-deep-1.3.1.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
Publish Date: 2019-08-23
URL: CVE-2019-10746
CVSS 3 Score Details (9.8 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: jonschlinkert/mixin-deep@8f464c8
Release Date: 2019-07-11
Fix Resolution: 1.3.2,2.0.1
Vulnerable Libraries - qs-0.6.6.tgz, qs-6.2.1.tgz
qs-0.6.6.tgz
querystring parser
Library home page: https://registry.npmjs.org/qs/-/qs-0.6.6.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/zaproxy/node_modules/qs/package.json
Dependency Hierarchy:
zaproxy-0.2.0.tgz (Root Library)
request-2.36.0.tgz
❌ qs-0.6.6.tgz (Vulnerable Library)
qs-6.2.1.tgz
A querystring parser that supports nesting and arrays, with a depth limit
Library home page: https://registry.npmjs.org/qs/-/qs-6.2.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/request/node_modules/qs/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
request-2.75.0.tgz
❌ qs-6.2.1.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
A web framework using ljharb's qs module older than v6.3.2, v6.2.3, v6.1.2, and v6.0.4 is vulnerable to a DoS. A malicious user can send an evil request to cause the web framework to crash.
Publish Date: 2017-07-17
URL: CVE-2017-1000048
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000048
Release Date: 2017-07-17
Fix Resolution: qs - 6.0.4,6.1.2,6.2.3,6.3.2
WS-2018-0103 - Medium Severity Vulnerability
Vulnerable Library - stringstream-0.0.5.tgz
Encode and decode streams into string streams
Library home page: https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/request/node_modules/stringstream/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
request-2.75.0.tgz
❌ stringstream-0.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
All versions of stringstream are vulnerable to an out-of-bounds read, as it allocates uninitialized Buffers when a number is passed in the input stream on Node.js 4.x and below.
Publish Date: 2018-05-16
URL: WS-2018-0103
CVSS 3 Score Details (4.8 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: None
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://nodesecurity.io/advisories/664
Release Date: 2018-01-27
Fix Resolution: 0.0.6
WS-2019-0332 - Medium Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Arbitrary Code Execution vulnerability found in handlebars before 4.5.3. The lookup helper fails to validate templates. An attacker may submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for WS-2019-0331.
Publish Date: 2019-11-17
URL: WS-2019-0332
CVSS 2 Score Details (5.0 )
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1324
Release Date: 2019-12-05
Fix Resolution: handlebars - 4.5.3
CVE-2017-16137 - Medium Severity Vulnerability
Vulnerable Library - debug-2.2.0.tgz
small debugging utility
Library home page: https://registry.npmjs.org/debug/-/debug-2.2.0.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/debug/package.json
Dependency Hierarchy:
mocha-2.5.3.tgz (Root Library)
❌ debug-2.2.0.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.
Publish Date: 2018-06-07
URL: CVE-2017-16137
CVSS 3 Score Details (5.3 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16137
Release Date: 2018-06-07
Fix Resolution: 2.6.9
CVE-2019-16775 - Medium Severity Vulnerability
Vulnerable Library - npm-3.10.10.tgz
a package manager for JavaScript
Library home page: https://registry.npmjs.org/npm/-/npm-3.10.10.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
❌ npm-3.10.10.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of the node_modules folder through the bin field upon installation. A properly constructed entry in the package.json bin field would allow a package publisher to create a symlink pointing to arbitrary files on a user's system when the package is installed. This behavior is still possible through install scripts. This vulnerability bypasses a user using the --ignore-scripts install option.
Publish Date: 2019-12-13
URL: CVE-2019-16775
CVSS 3 Score Details (6.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: High
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
Release Date: 2019-12-13
Fix Resolution: npm - 6.13.3;yarn - 1.21.1
CVE-2020-8116 - High Severity Vulnerability
Vulnerable Library - dot-prop-4.2.0.tgz
Get, set, or delete a property from a nested object using a dot path
Library home page: https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/dot-prop/package.json
Dependency Hierarchy:
nodemon-1.19.1.tgz (Root Library)
update-notifier-2.5.0.tgz
configstore-3.1.2.tgz
❌ dot-prop-4.2.0.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.
Publish Date: 2020-02-04
URL: CVE-2020-8116
CVSS 3 Score Details (7.3 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8116
Release Date: 2020-02-04
Fix Resolution: dot-prop - 5.1.1
WS-2019-0492 - High Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system.
Publish Date: 2019-11-19
URL: WS-2019-0492
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1324
Release Date: 2019-11-19
Fix Resolution: handlebars - 3.0.8,4.5.3
CVE-2017-16042 - High Severity Vulnerability
Vulnerable Library - growl-1.9.2.tgz
Growl unobtrusive notifications
Library home page: https://registry.npmjs.org/growl/-/growl-1.9.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/growl/package.json
Dependency Hierarchy:
mocha-2.5.3.tgz (Root Library)
❌ growl-1.9.2.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution.
Publish Date: 2018-06-04
URL: CVE-2017-16042
CVSS 3 Score Details (9.8 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-16042
Release Date: 2018-06-04
Fix Resolution: 1.10.2
CVE-2016-2515 - High Severity Vulnerability
Vulnerable Library - hawk-1.0.0.tgz
HTTP Hawk Authentication Scheme
Library home page: https://registry.npmjs.org/hawk/-/hawk-1.0.0.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/zaproxy/node_modules/hawk/package.json
Dependency Hierarchy:
zaproxy-0.2.0.tgz (Root Library)
request-2.36.0.tgz
❌ hawk-1.0.0.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service (CPU consumption or partial outage) via a long (1) header or (2) URI that is matched against an improper regular expression.
Publish Date: 2016-04-13
URL: CVE-2016-2515
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-2515
Release Date: 2016-04-13
Fix Resolution: 3.1.3,4.1.1
CVE-2015-9251 - Medium Severity Vulnerability
Vulnerable Library - jquery-1.4.4.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.4/jquery.min.js
Path to dependency file: NodeGoat/node_modules/selenium-webdriver/lib/test/data/droppableItems.html
Path to vulnerable library: NodeGoat/node_modules/selenium-webdriver/lib/test/data/js/jquery-1.4.4.min.js
Dependency Hierarchy:
❌ jquery-1.4.4.min.js (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
CVSS 3 Score Details (6.1 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - v3.0.0
WS-2018-0628 - Medium Severity Vulnerability
Vulnerable Library - marked-0.3.9.tgz
A markdown parser built for speed
Library home page: https://registry.npmjs.org/marked/-/marked-0.3.9.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/marked/package.json
Dependency Hierarchy:
❌ marked-0.3.9.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
marked before 0.4.0 is vulnerable to Regular Expression Denial of Service (REDoS) through heading in marked.js.
Publish Date: 2018-04-16
URL: WS-2018-0628
CVSS 3 Score Details (5.3 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://github.com/markedjs/marked/releases/tag/0.4.0
Release Date: 2018-04-16
Fix Resolution: marked - 0.4.0
⛑️ Automatic Remediation is available for this issue
CVE-2012-6708 - Medium Severity Vulnerability
Vulnerable Library - jquery-1.4.4.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.4/jquery.min.js
Path to dependency file: NodeGoat/node_modules/selenium-webdriver/lib/test/data/droppableItems.html
Path to vulnerable library: NodeGoat/node_modules/selenium-webdriver/lib/test/data/js/jquery-1.4.4.min.js
Dependency Hierarchy:
❌ jquery-1.4.4.min.js (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
Publish Date: 2018-01-18
URL: CVE-2012-6708
CVSS 3 Score Details (6.1 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708
Release Date: 2018-01-18
Fix Resolution: jQuery - v1.9.0
CVE-2020-7774 - High Severity Vulnerability
Vulnerable Library - y18n-3.2.1.tgz
the bare-bones internationalization library used by yargs
Library home page: https://registry.npmjs.org/y18n/-/y18n-3.2.1.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/y18n/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
yargs-4.8.1.tgz
❌ y18n-3.2.1.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require('y18n')(); y18n.setLocale('__proto__'); y18n.updateLocale({polluted: true}); console.log(polluted); // true
Publish Date: 2020-11-17
URL: CVE-2020-7774
CVSS 3 Score Details (7.3 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1654
Release Date: 2020-11-17
Fix Resolution: 3.2.2, 4.0.1, 5.0.5
CVE-2019-20149 - High Severity Vulnerability
Vulnerable Library - kind-of-6.0.2.tgz
Get the native type of a value.
Library home page: https://registry.npmjs.org/kind-of/-/kind-of-6.0.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/snapdragon-node/node_modules/kind-of/package.json
Dependency Hierarchy:
grunt-cli-1.3.2.tgz (Root Library)
liftoff-2.5.0.tgz
findup-sync-2.0.0.tgz
micromatch-3.1.10.tgz
❌ kind-of-6.0.2.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
Publish Date: 2019-12-30
URL: CVE-2019-20149
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: High
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20149
Release Date: 2019-12-30
Fix Resolution: 6.0.3
WS-2020-0180 - High Severity Vulnerability
Vulnerable Library - npm-user-validate-0.1.5.tgz
User validations for npm
Library home page: https://registry.npmjs.org/npm-user-validate/-/npm-user-validate-0.1.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/npm/node_modules/npm-user-validate/package.json
Dependency Hierarchy:
grunt-npm-install-0.3.1.tgz (Root Library)
npm-3.10.10.tgz
❌ npm-user-validate-0.1.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
The package npm-user-validate prior to version 1.0.1 is vulnerable to REDoS. The regex that validates a user's email took exponentially longer to process input strings that begin with the '@' character.
Publish Date: 2020-10-16
URL: WS-2020-0180
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: GHSA-xgh6-85xh-479p
Release Date: 2020-10-16
Fix Resolution: 1.0.1
WS-2019-0493 - High Severity Vulnerability
Vulnerable Library - handlebars-4.0.5.tgz
Handlebars provides the power necessary to let you build semantic templates effectively with no frustration
Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/nyc/node_modules/handlebars/package.json
Dependency Hierarchy:
grunt-if-0.2.0.tgz (Root Library)
grunt-contrib-nodeunit-1.0.0.tgz
nodeunit-0.9.5.tgz
tap-7.1.2.tgz
nyc-7.1.0.tgz
istanbul-reports-1.0.0-alpha.8.tgz
❌ handlebars-4.0.5.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
handlebars before 3.0.8 and 4.x before 4.5.2 is vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system.
Publish Date: 2019-11-14
URL: WS-2019-0493
CVSS 3 Score Details (7.5 )
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1316
Release Date: 2019-11-14
Fix Resolution: handlebars - 3.0.8,4.5.2
Vulnerable Library - adm-zip-0.4.4.tgz
A Javascript implementation of zip for nodejs. Allows user to create or extract zip files both in memory or to/from disk
Library home page: https://registry.npmjs.org/adm-zip/-/adm-zip-0.4.4.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/adm-zip/package.json
Dependency Hierarchy:
selenium-webdriver-2.53.3.tgz (Root Library)
❌ adm-zip-0.4.4.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
Publish Date: 2018-07-25
URL: CVE-2018-1002204
CVSS 3 Score Details (5.5)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: None
Integrity Impact: High
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-1002204
Release Date: 2018-07-25
Fix Resolution: 0.4.9
CVE-2019-10747 - High Severity Vulnerability
Vulnerable Libraries - set-value-2.0.0.tgz, set-value-0.4.3.tgz
set-value-2.0.0.tgz
Create nested values and any intermediaries using dot notation (`'a.b.c'`) paths.
Library home page: https://registry.npmjs.org/set-value/-/set-value-2.0.0.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/set-value/package.json
Dependency Hierarchy:
nodemon-1.19.1.tgz (Root Library)
chokidar-2.1.6.tgz
braces-2.3.2.tgz
snapdragon-0.8.2.tgz
base-0.11.2.tgz
cache-base-1.0.1.tgz
❌ set-value-2.0.0.tgz (Vulnerable Library)
set-value-0.4.3.tgz
Create nested values and any intermediaries using dot notation (`'a.b.c'`) paths.
Library home page: https://registry.npmjs.org/set-value/-/set-value-0.4.3.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/union-value/node_modules/set-value/package.json
Dependency Hierarchy:
nodemon-1.19.1.tgz (Root Library)
chokidar-2.1.6.tgz
braces-2.3.2.tgz
snapdragon-0.8.2.tgz
base-0.11.2.tgz
cache-base-1.0.1.tgz
union-value-1.0.0.tgz
❌ set-value-0.4.3.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and `__proto__` payloads.
Publish Date: 2019-08-23
URL: CVE-2019-10747
CVSS 3 Score Details (9.8)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: jonschlinkert/set-value@95e9d99
Release Date: 2019-07-24
Fix Resolution: 2.0.1,3.0.1
WS-2018-0590 - High Severity Vulnerability
Vulnerable Library - diff-1.4.0.tgz
A javascript text diff implementation.
Library home page: https://registry.npmjs.org/diff/-/diff-1.4.0.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/diff/package.json
Dependency Hierarchy:
mocha-2.5.3.tgz (Root Library)
❌ diff-1.4.0.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
A vulnerability was found in diff before v3.5.0: the affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) attacks.
Publish Date: 2018-03-05
URL: WS-2018-0590
CVSS 2 Score Details (7.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: kpdecker/jsdiff@2aec429
Release Date: 2019-06-11
Fix Resolution: 3.5.0
WS-2019-0289 - Medium Severity Vulnerability
Vulnerable Library - helmet-csp-1.2.2.tgz
Content Security Policy middleware.
Library home page: https://registry.npmjs.org/helmet-csp/-/helmet-csp-1.2.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/helmet-csp/package.json
Dependency Hierarchy:
helmet-2.3.0.tgz (Root Library)
❌ helmet-csp-1.2.2.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Helmet-csp before 2.9.1 is vulnerable to a Configuration Override affecting the application's Content Security Policy (CSP). The package's browser sniffing for Firefox deletes the default-src CSP policy, which is the fallback policy. This allows an attacker to remove an application's default CSP, possibly rendering the application vulnerable to Cross-Site Scripting.
Publish Date: 2019-11-18
URL: WS-2019-0289
CVSS 3 Score Details (6.1)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Impact Metrics:
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://www.npmjs.com/advisories/1176
Release Date: 2019-10-06
Fix Resolution: 2.9.1
Vulnerable Libraries - cryptiles-2.0.5.tgz, cryptiles-0.2.2.tgz
cryptiles-2.0.5.tgz
General purpose crypto utilities
Library home page: https://registry.npmjs.org/cryptiles/-/cryptiles-2.0.5.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/cryptiles/package.json
Dependency Hierarchy:
grunt-retire-0.3.12.tgz (Root Library)
request-2.67.0.tgz
hawk-3.1.3.tgz
❌ cryptiles-2.0.5.tgz (Vulnerable Library)
cryptiles-0.2.2.tgz
General purpose crypto utilities
Library home page: https://registry.npmjs.org/cryptiles/-/cryptiles-0.2.2.tgz
Path to dependency file: NodeGoat/package.json
Path to vulnerable library: NodeGoat/node_modules/zaproxy/node_modules/cryptiles/package.json
Dependency Hierarchy:
zaproxy-0.2.0.tgz (Root Library)
request-2.36.0.tgz
hawk-1.0.0.tgz
❌ cryptiles-0.2.2.tgz (Vulnerable Library)
Found in HEAD commit: fb4ecec6d8cec4d6319880467313dd5655957156
Found in base branch: master
Vulnerability Details
Eran Hammer cryptiles version 4.1.1 and earlier contains a CWE-331: Insufficient Entropy vulnerability in the randomDigits() method, which makes it more likely that an attacker can brute-force a value that was supposed to be random. Whether the flaw is exploitable depends upon the calling application. This vulnerability appears to have been fixed in 4.1.2.
Publish Date: 2018-07-09
URL: CVE-2018-1000620
CVSS 3 Score Details (9.8)
Base Score Metrics:
Exploitability Metrics:
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Impact Metrics:
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000620
Release Date: 2018-07-09
Fix Resolution: v4.1.2