Lucene search

GitHub Advisory DatabaseGHSA-6Q49-35H6-RQ2P

HistoryNov 25, 2022 - 6:30 p.m.

Browsershot version 3.57.3 vulnerable to improper input validation

2022-11-2518:30:25

CWE-20

CWE-79

GitHub Advisory Database

github.com

browsershot

version 3.57.3

improper input validation

remote file access

external attacker

arbitrary local files

js content

file:// protocol

vulnerability

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

0.002 Low

EPSS

Percentile

55.7%

JSON

Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content imported from an external source passed to the Browsershot::html method does not contain URLs that use the file:// protocol.

Affected configurations

Vulners

Node

spatiebrowsershotRange<3.57.4

CPENameOperatorVersion
spatie/browsershotlt3.57.4

CPE	Name	Operator	Version
	spatie/browsershot	lt	3.57.4

References

fluidattacks.com/advisories/malone/

github.com/advisories/GHSA-6q49-35h6-rq2p

github.com/spatie/browsershot/commit/554c3e566fde8c47ad1ac9be47eaeb9a84c4dfe2

github.com/spatie/browsershot/commit/92cf16fc098211731f80d21687abeafbe2c457ad

nvd.nist.gov/vuln/detail/CVE-2022-43984

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

0.002 Low

EPSS

Percentile

55.7%

JSON

Related for GHSA-6Q49-35H6-RQ2P