hackthecat's Issues

ejs-3.1.6.tgz: 2 vulnerabilities (highest severity is: 9.3)

Vulnerable Library - ejs-3.1.6.tgz

Embedded JavaScript templates

Library home page: https://registry.npmjs.org/ejs/-/ejs-3.1.6.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/ejs/package.json

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Vulnerabilities

| CVE | Severity | CVSS | Exploit Maturity | EPSS | Dependency | Type | Fixed in (ejs version) | Remediation Possible** | Reachability |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2022-29078 | Critical | 9.3 | Not Defined | 28.7% | ejs-3.1.6.tgz | Direct | 3.1.7 | ✅ | Unreachable |
| CVE-2024-33883 | High | 8.7 | Not Defined | 0.0% | ejs-3.1.6.tgz | Direct | ejs - 3.1.10 | ✅ | |

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2022-29078

Vulnerable Library - ejs-3.1.6.tgz

Embedded JavaScript templates

Library home page: https://registry.npmjs.org/ejs/-/ejs-3.1.6.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/ejs/package.json

Dependency Hierarchy:

  • ❌ ejs-3.1.6.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

The vulnerable code is unreachable

Vulnerability Details

The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation).

Publish Date: 2022-04-25

URL: CVE-2022-29078

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 28.7%

CVSS 4 Score Details (9.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29078~

Release Date: 2022-04-25

Fix Resolution: 3.1.7

In order to enable automatic remediation, please create workflow rules

CVE-2024-33883

Vulnerable Library - ejs-3.1.6.tgz

Embedded JavaScript templates

Library home page: https://registry.npmjs.org/ejs/-/ejs-3.1.6.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/ejs/package.json

Dependency Hierarchy:

  • ❌ ejs-3.1.6.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Vulnerability Details

The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.

Publish Date: 2024-04-28

URL: CVE-2024-33883

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

CVSS 4 Score Details (8.7)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-33883

Release Date: 2024-04-28

Fix Resolution: ejs - 3.1.10

In order to enable automatic remediation, please create workflow rules


In order to enable automatic remediation for this issue, please create workflow rules

express-fileupload-1.3.1.tgz: 3 vulnerabilities (highest severity is: 9.2) reachable

Vulnerable Library - express-fileupload-1.3.1.tgz

Simple express file upload middleware that wraps around Busboy

Library home page: https://registry.npmjs.org/express-fileupload/-/express-fileupload-1.3.1.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/express-fileupload/package.json

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Vulnerabilities

| CVE | Severity | CVSS | Exploit Maturity | EPSS | Dependency | Type | Fixed in (express-fileupload version) | Remediation Possible** | Reachability |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2022-27140 | Critical | 9.2 | Not Defined | 0.5% | express-fileupload-1.3.1.tgz | Direct | N/A | ❌ | Reachable |
| CVE-2022-27261 | High | 8.7 | Not Defined | 0.1% | express-fileupload-1.3.1.tgz | Direct | N/A | ❌ | Reachable |
| CVE-2022-24434 | High | 8.7 | Not Defined | 0.2% | dicer-0.3.0.tgz | Transitive | N/A* | ❌ | Reachable |

*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2022-27140

Vulnerable Library - express-fileupload-1.3.1.tgz

Simple express file upload middleware that wraps around Busboy

Library home page: https://registry.npmjs.org/express-fileupload/-/express-fileupload-1.3.1.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/express-fileupload/package.json

Dependency Hierarchy:

  • ❌ express-fileupload-1.3.1.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/app.js (Application)
  -> ❌ express-fileupload-1.3.1/lib/index.js (Vulnerable Component)

Vulnerability Details

An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows attackers to execute arbitrary code via a crafted PHP file. NOTE: the vendor's position is that the observed behavior can only occur with "intentional misusing of the API": the express-fileupload middleware is not responsible for an application's business logic (e.g., determining whether or how a file should be renamed).

Publish Date: 2022-04-12

URL: CVE-2022-27140

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.5%

CVSS 4 Score Details (9.2)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


CVE-2022-27261

Vulnerable Library - express-fileupload-1.3.1.tgz

Simple express file upload middleware that wraps around Busboy

Library home page: https://registry.npmjs.org/express-fileupload/-/express-fileupload-1.3.1.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/express-fileupload/package.json

Dependency Hierarchy:

  • ❌ express-fileupload-1.3.1.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/app.js (Application)
  -> express-fileupload-1.3.1/lib/index.js (Extension)
   -> express-fileupload-1.3.1/lib/processMultipart.js (Extension)
    -> ❌ express-fileupload-1.3.1/lib/memHandler.js (Vulnerable Component)

Vulnerability Details

An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server.

Publish Date: 2022-04-12

URL: CVE-2022-27261

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

CVSS 4 Score Details (8.7)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


CVE-2022-24434

Vulnerable Library - dicer-0.3.0.tgz

A very fast streaming multipart parser for node.js

Library home page: https://registry.npmjs.org/dicer/-/dicer-0.3.0.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/dicer/package.json

Dependency Hierarchy:

  • express-fileupload-1.3.1.tgz (Root Library)
    • busboy-0.3.1.tgz
      • ❌ dicer-0.3.0.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/app.js (Application)
  -> express-fileupload-1.3.1/lib/index.js (Extension)
   -> busboy-0.3.1/lib/main.js (Extension)
    -> busboy-0.3.1/lib/types/multipart.js (Extension)
     -> dicer-0.3.0/lib/Dicer.js (Extension)
      -> ❌ dicer-0.3.0/lib/HeaderParser.js (Vulnerable Component)

Vulnerability Details

This affects all versions of package dicer. A malicious attacker can send a modified form to the server and crash the Node.js service. An attacker could send the payload again and again so that the service continuously crashes.

Publish Date: 2022-05-20

URL: CVE-2022-24434

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.2%

CVSS 4 Score Details (8.7)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


mysql2-2.3.3.tgz: 5 vulnerabilities (highest severity is: 9.3) reachable

Vulnerable Library - mysql2-2.3.3.tgz

fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS

Library home page: https://registry.npmjs.org/mysql2/-/mysql2-2.3.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/mysql2/package.json

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Vulnerabilities

| CVE | Severity | CVSS | Exploit Maturity | EPSS | Dependency | Type | Fixed in (mysql2 version) | Remediation Possible** | Reachability |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2024-21511 | Critical | 9.3 | Not Defined | 0.0% | mysql2-2.3.3.tgz | Direct | 3.9.7 | ✅ | Reachable |
| CVE-2024-21508 | Critical | 9.3 | Not Defined | 0.0% | mysql2-2.3.3.tgz | Direct | 3.9.4 | ✅ | Reachable |
| CVE-2024-21509 | Medium | 6.9 | Not Defined | 0.0% | mysql2-2.3.3.tgz | Direct | 3.9.4 | ✅ | Reachable |
| CVE-2024-21507 | Medium | 6.9 | Not Defined | 0.0% | mysql2-2.3.3.tgz | Direct | 3.9.3 | ✅ | Reachable |
| CVE-2024-21512 | High | 8.8 | Not Defined | 0.0% | mysql2-2.3.3.tgz | Direct | 3.9.8 | ✅ | |

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2024-21511

Vulnerable Library - mysql2-2.3.3.tgz

fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS

Library home page: https://registry.npmjs.org/mysql2/-/mysql2-2.3.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/mysql2/package.json

Dependency Hierarchy:

  • ❌ mysql2-2.3.3.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/services/connectionService.js (Application)
  -> mysql2-2.3.3/index.js (Extension)
   -> mysql2-2.3.3/lib/connection.js (Extension)
    -> mysql2-2.3.3/lib/commands/index.js (Extension)
     -> mysql2-2.3.3/lib/commands/query.js (Extension)
      -> ❌ mysql2-2.3.3/lib/parsers/text_parser.js (Vulnerable Component)

Vulnerability Details

Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function.

Publish Date: 2024-04-23

URL: CVE-2024-21511

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

CVSS 4 Score Details (9.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-21511

Release Date: 2024-04-23

Fix Resolution: 3.9.7

In order to enable automatic remediation, please create workflow rules

CVE-2024-21508

Vulnerable Library - mysql2-2.3.3.tgz

fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS

Library home page: https://registry.npmjs.org/mysql2/-/mysql2-2.3.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/mysql2/package.json

Dependency Hierarchy:

  • ❌ mysql2-2.3.3.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/services/connectionService.js (Application)
  -> mysql2-2.3.3/index.js (Extension)
   -> mysql2-2.3.3/lib/connection.js (Extension)
    -> mysql2-2.3.3/lib/commands/index.js (Extension)
     -> mysql2-2.3.3/lib/commands/execute.js (Extension)
      -> ❌ mysql2-2.3.3/lib/parsers/binary_parser.js (Vulnerable Component)

Vulnerability Details

Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.

Publish Date: 2024-04-11

URL: CVE-2024-21508

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

CVSS 4 Score Details (9.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-21508

Release Date: 2024-04-11

Fix Resolution: 3.9.4

In order to enable automatic remediation, please create workflow rules

CVE-2024-21509

Vulnerable Library - mysql2-2.3.3.tgz

fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS

Library home page: https://registry.npmjs.org/mysql2/-/mysql2-2.3.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/mysql2/package.json

Dependency Hierarchy:

  • ❌ mysql2-2.3.3.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/services/connectionService.js (Application)
  -> mysql2-2.3.3/index.js (Extension)
   -> mysql2-2.3.3/lib/connection.js (Extension)
    -> mysql2-2.3.3/lib/commands/index.js (Extension)
     -> mysql2-2.3.3/lib/commands/execute.js (Extension)
      -> ❌ mysql2-2.3.3/lib/parsers/binary_parser.js (Vulnerable Component)

Vulnerability Details

Versions of the package mysql2 before 3.9.4 are vulnerable to Prototype Poisoning due to insecure results object creation and improper user input sanitization passed through parserFn in text_parser.js and binary_parser.js.

Publish Date: 2024-04-10

URL: CVE-2024-21509

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

CVSS 4 Score Details (6.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-21509

Release Date: 2024-04-10

Fix Resolution: 3.9.4

In order to enable automatic remediation, please create workflow rules

CVE-2024-21507

Vulnerable Library - mysql2-2.3.3.tgz

fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS

Library home page: https://registry.npmjs.org/mysql2/-/mysql2-2.3.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/mysql2/package.json

Dependency Hierarchy:

  • ❌ mysql2-2.3.3.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/services/connectionService.js (Application)
  -> mysql2-2.3.3/index.js (Extension)
   -> ❌ mysql2-2.3.3/lib/parsers/parser_cache.js (Vulnerable Component)

Vulnerability Details

Versions of the package mysql2 before 3.9.3 are vulnerable to Improper Input Validation through the keyFromFields function, resulting in cache poisoning. An attacker can inject a colon (:) character within a value of the attacker-crafted key.

Publish Date: 2024-04-10

URL: CVE-2024-21507

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

CVSS 4 Score Details (6.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2024-21507

Release Date: 2024-04-10

Fix Resolution: 3.9.3

In order to enable automatic remediation, please create workflow rules

CVE-2024-21512

Vulnerable Library - mysql2-2.3.3.tgz

fast mysql driver. Implements core protocol, prepared statements, ssl and compression in native JS

Library home page: https://registry.npmjs.org/mysql2/-/mysql2-2.3.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/mysql2/package.json

Dependency Hierarchy:

  • ❌ mysql2-2.3.3.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Vulnerability Details

Versions of the package mysql2 before 3.9.8 are vulnerable to Prototype Pollution due to improper user input sanitization passed to fields and tables when using nestTables.

Publish Date: 2024-05-29

URL: CVE-2024-21512

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

CVSS 4 Score Details (8.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Release Date: 2024-05-29

Fix Resolution: 3.9.8

In order to enable automatic remediation, please create workflow rules


In order to enable automatic remediation for this issue, please create workflow rules

pug-2.0.4.tgz: 1 vulnerability (highest severity is: 9.5) reachable

Vulnerable Library - pug-2.0.4.tgz

A clean, whitespace-sensitive template language for writing HTML

Library home page: https://registry.npmjs.org/pug/-/pug-2.0.4.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/pug/package.json

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Vulnerabilities

| CVE | Severity | CVSS | Exploit Maturity | EPSS | Dependency | Type | Fixed in (pug version) | Remediation Possible** | Reachability |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2021-21353 | Critical | 9.5 | Not Defined | 4.1% | pug-2.0.4.tgz | Direct | 3.0.0-canary-1 | ✅ | Reachable |

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2021-21353

Vulnerable Library - pug-2.0.4.tgz

A clean, whitespace-sensitive template language for writing HTML

Library home page: https://registry.npmjs.org/pug/-/pug-2.0.4.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/pug/package.json

Dependency Hierarchy:

  • ❌ pug-2.0.4.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/routes/homeRoutes.js (Application)
  -> ❌ pug-2.0.4/lib/index.js (Vulnerable Component)

Vulnerability Details

Pug is an npm package which is a high-performance template engine. In pug before version 3.0.1, if a remote attacker was able to control the pretty option of the pug compiler, e.g. if you spread a user provided object such as the query parameters of a request into the pug template inputs, it was possible for them to achieve remote code execution on the node.js backend. This is fixed in version 3.0.1. This advisory applies to multiple pug packages including "pug", "pug-code-gen". pug-code-gen has a backported fix at version 2.0.3. This advisory is not exploitable if there is no way for un-trusted input to be passed to pug as the pretty option, e.g. if you compile templates in advance before applying user input to them, you do not need to upgrade.

Publish Date: 2021-03-03

URL: CVE-2021-21353

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 4.1%

CVSS 4 Score Details (9.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: GHSA-p493-635q-r6gr

Release Date: 2021-03-03

Fix Resolution: 3.0.0-canary-1

In order to enable automatic remediation, please create workflow rules


In order to enable automatic remediation for this issue, please create workflow rules

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Pending Approval

These branches will be created by Renovate only once you click their checkbox below.

  • [LOW] Update dependency mysql2 to v3

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

docker-compose
docker-compose.yaml
dockerfile
db/Dockerfile
web/Dockerfile
github-actions
.github/workflows/codeql.yml
  • actions/checkout v3
  • github/codeql-action v2
  • github/codeql-action v2
  • github/codeql-action v2
npm
web/package.json
  • cookie-parser ^1.4.6
  • cors ^2.8.5
  • dotenv ^16.0.0
  • ejs ^3.1.6
  • express ^4.17.2
  • express-fileupload ^1.3.1
  • express-session ^1.17.2
  • morgan ^1.10.0
  • mysql2 ^2.3.3
  • node-serialize 0.0.4
  • pug 2.0.4

node-serialize-0.0.4.tgz: 2 vulnerabilities (highest severity is: 9.3) reachable

Vulnerable Library - node-serialize-0.0.4.tgz

Serialize an object including its function into a JSON.

Library home page: https://registry.npmjs.org/node-serialize/-/node-serialize-0.0.4.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/node-serialize/package.json

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Vulnerabilities

| CVE | Severity | CVSS | Exploit Maturity | EPSS | Dependency | Type | Fixed in (node-serialize version) | Remediation Possible** | Reachability |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2017-5941 | Critical | 9.3 | Not Defined | 4.1% | node-serialize-0.0.4.tgz | Direct | N/A | ❌ | Reachable |
| CVE-2017-16004 | High | 8.1 | Not Defined | | node-serialize-0.0.4.tgz | Direct | N/A | ❌ | Reachable |

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2017-5941

Vulnerable Library - node-serialize-0.0.4.tgz

Serialize an object including its function into a JSON.

Library home page: https://registry.npmjs.org/node-serialize/-/node-serialize-0.0.4.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/node-serialize/package.json

Dependency Hierarchy:

  • ❌ node-serialize-0.0.4.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/routes/adminRoutes.js (Application)
  -> ❌ node-serialize-0.0.4/lib/serialize.js (Vulnerable Component)

Vulnerability Details

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).

Publish Date: 2017-02-09

URL: CVE-2017-5941

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 4.1%

CVSS 4 Score Details (9.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


CVE-2017-16004

Vulnerable Library - node-serialize-0.0.4.tgz

Serialize an object including its function into a JSON.

Library home page: https://registry.npmjs.org/node-serialize/-/node-serialize-0.0.4.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/node-serialize/package.json

Dependency Hierarchy:

  • ❌ node-serialize-0.0.4.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/routes/adminRoutes.js (Application)
  -> ❌ node-serialize-0.0.4/lib/serialize.js (Vulnerable Component)

Vulnerability Details

All versions of node-serialize can be abused to execute arbitrary code via an immediately invoked function expression.

Publish Date: 2019-07-11

URL: CVE-2017-16004

Threat Assessment

Exploit Maturity: Not Defined

EPSS:

CVSS 3 Score Details (8.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: None


express-4.17.3.tgz: 1 vulnerability (highest severity is: 5.3) reachable

Vulnerable Library - express-4.17.3.tgz

Fast, unopinionated, minimalist web framework

Library home page: https://registry.npmjs.org/express/-/express-4.17.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/express/package.json

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Vulnerabilities

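| CVE | Severity | CVSS | Exploit Maturity | EPSS | Dependency | Type | Fixed in (express version) | Remediation Possible** | Reachability |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2024-29041 | Medium | 5.3 | Not Defined | 0.0% | express-4.17.3.tgz | Direct | 4.19.0 | ✅ | Reachable |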

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2024-29041

Vulnerable Library - express-4.17.3.tgz

Fast, unopinionated, minimalist web framework

Library home page: https://registry.npmjs.org/express/-/express-4.17.3.tgz

Path to dependency file: /web/package.json

Path to vulnerable library: /web/node_modules/express/package.json

Dependency Hierarchy:

  • ❌ express-4.17.3.tgz (Vulnerable Library)

Found in HEAD commit: 3ef99769403f1d861850400e94786191c7fb5469

Found in base branch: main

Reachability Analysis

This vulnerability is potentially reachable

hackthecat-0.0.1/routes/contactMessageRoutes.js (Application)
  -> express-4.17.3/index.js (Extension)
   -> express-4.17.3/lib/express.js (Extension)
    -> ❌ express-4.17.3/lib/response.js (Vulnerable Component)

Vulnerability Details

Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode using encodeurl on the contents before passing it to the location header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is res.location() but this is also called from within res.redirect(). The vulnerability is fixed in 4.19.2 and 5.0.0-beta.3.

Publish Date: 2024-03-25

URL: CVE-2024-29041

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

CVSS 4 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: N/A
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A


Suggested Fix

Type: Upgrade version

Origin: GHSA-rv95-896h-c2vc

Release Date: 2024-03-25

Fix Resolution: 4.19.0

In order to enable automatic remediation, please create workflow rules


In order to enable automatic remediation for this issue, please create workflow rules
