
    Vulnerabilities found for minder by lfprojects (recorded under vendor stacklok in the CVE data below): CVE-2024-27916 and CVE-2024-27093

    CVE-2024-27916 (GCVE-0-2024-27916)

    Vulnerability from nvd – Published: 2024-03-06 20:21 – Updated: 2024-08-02 19:39
    Title
    `GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user
    Summary
    Minder is a software supply chain security platform. Prior to version 0.0.33, a Minder user can use the endpoints `GetRepositoryByName`, `DeleteRepositoryByName`, and `GetArtifactByName` to access any repository in the database, irrespective of who owns the repo and any permissions present. The database query checks by repo owner, repo name and provider name (which is always `github`). These query values are not distinct for the particular user - as long as the user has valid credentials and a provider, they can set the repo owner/name to any value they want and the server will return information on this repo. Version 0.0.33 contains a patch for this issue.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-285 - Improper Authorization
    Assigner
    GitHub_M
    References
    • https://github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37
    • https://github.com/stacklok/minder/commit/45750b4e9fb2de33365758366e06c19e999bd2eb
    • https://github.com/stacklok/minder/blob/a115c8524fbd582b2b277eaadce024bebbded508/internal/controlplane/handlers_repositories.go#L277-L278
    • https://github.com/stacklok/minder/blob/main/internal/controlplane/handlers_repositories.go#L257-L299
    Impacted products
    Vendor: stacklok  Product: minder  Version: < 0.0.33 (CNA)
    Vendor: stacklok  Product: minder  Version: 0 , < 0.0.33 (custom; CISA ADP)
        cpe:2.3:a:stacklok:minder:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:41:55.808Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37"
              },
              {
                "name": "https://github.com/stacklok/minder/commit/45750b4e9fb2de33365758366e06c19e999bd2eb",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/stacklok/minder/commit/45750b4e9fb2de33365758366e06c19e999bd2eb"
              },
              {
                "name": "https://github.com/stacklok/minder/blob/a115c8524fbd582b2b277eaadce024bebbded508/internal/controlplane/handlers_repositories.go#L277-L278",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/stacklok/minder/blob/a115c8524fbd582b2b277eaadce024bebbded508/internal/controlplane/handlers_repositories.go#L277-L278"
              },
              {
                "name": "https://github.com/stacklok/minder/blob/main/internal/controlplane/handlers_repositories.go#L257-L299",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/stacklok/minder/blob/main/internal/controlplane/handlers_repositories.go#L257-L299"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:stacklok:minder:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "minder",
                "vendor": "stacklok",
                "versions": [
                  {
                    "lessThan": "0.0.33",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-27916",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-02T19:38:55.333522Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:39:30.349Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "minder",
              "vendor": "stacklok",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.0.33"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Minder is a software supply chain security platform. Prior to version 0.0.33, a Minder user can use the endpoints `GetRepositoryByName`, `DeleteRepositoryByName`, and `GetArtifactByName` to access any repository in the database, irrespective of who owns the repo and any permissions present. The database query checks by repo owner, repo name and provider name (which is always `github`). These query values are not distinct for the particular user - as long as the user has valid credentials and a provider, they can set the repo owner/name to any value they want and the server will return information on this repo. Version 0.0.33 contains a patch for this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285: Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-03-06T20:21:22.125Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37"
            },
            {
              "name": "https://github.com/stacklok/minder/commit/45750b4e9fb2de33365758366e06c19e999bd2eb",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/stacklok/minder/commit/45750b4e9fb2de33365758366e06c19e999bd2eb"
            },
            {
              "name": "https://github.com/stacklok/minder/blob/a115c8524fbd582b2b277eaadce024bebbded508/internal/controlplane/handlers_repositories.go#L277-L278",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/stacklok/minder/blob/a115c8524fbd582b2b277eaadce024bebbded508/internal/controlplane/handlers_repositories.go#L277-L278"
            },
            {
              "name": "https://github.com/stacklok/minder/blob/main/internal/controlplane/handlers_repositories.go#L257-L299",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/stacklok/minder/blob/main/internal/controlplane/handlers_repositories.go#L257-L299"
            }
          ],
          "source": {
            "advisory": "GHSA-v627-69v2-xx37",
            "discovery": "UNKNOWN"
          },
          "title": "`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-27916",
        "datePublished": "2024-03-06T20:21:22.125Z",
        "dateReserved": "2024-02-28T15:14:14.213Z",
        "dateUpdated": "2024-08-02T19:39:30.349Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
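The authorization flaw in the CVE-2024-27916 summary above comes down to the lookup key: the query is keyed on provider, owner and repository name, none of which is bound to the caller, so any authenticated user can read or delete any registered repository. The following Go program is an added illustration of that pattern beside a scoped fix; it is example code, not Minder's own, and the `Store`, `Repo` and project-ID field names are assumptions. The scoped variants add the caller's project, taken from the authenticated context rather than the request body, to the key, and return the same not-found error for foreign and missing rows so the endpoint cannot be used to enumerate other projects' repositories.

```go
package main

import (
	"errors"
	"fmt"
)

// Repo is a constructed, simplified stand-in for a repository row.
// Field names are assumptions for this example, not Minder's schema.
type Repo struct {
	ID        string
	ProjectID string // the tenant/project that registered the repo
	Provider  string
	Owner     string
	Name      string
}

// ErrNotFound is returned for both "missing" and "not yours", so a caller
// cannot probe which repositories exist in other projects.
var ErrNotFound = errors.New("repository not found")

// Store is an in-memory table standing in for the database.
type Store struct{ repos []Repo }

// GetRepositoryByNameUnscoped mirrors the pre-0.0.33 behaviour described in
// the advisory: the key is (provider, owner, name) only, so any
// authenticated caller can read any project's repository.
func (s *Store) GetRepositoryByNameUnscoped(provider, owner, name string) (Repo, error) {
	for _, r := range s.repos {
		if r.Provider == provider && r.Owner == owner && r.Name == name {
			return r, nil
		}
	}
	return Repo{}, ErrNotFound
}

// GetRepositoryByNameScoped is the hardened form: the caller's project ID,
// taken from the authenticated context and never from the request body,
// is part of the lookup key.
func (s *Store) GetRepositoryByNameScoped(callerProject, provider, owner, name string) (Repo, error) {
	for _, r := range s.repos {
		if r.ProjectID == callerProject && r.Provider == provider && r.Owner == owner && r.Name == name {
			return r, nil
		}
	}
	return Repo{}, ErrNotFound
}

// DeleteRepositoryByNameScoped applies the same rule to the destructive path.
func (s *Store) DeleteRepositoryByNameScoped(callerProject, provider, owner, name string) error {
	for i, r := range s.repos {
		if r.ProjectID == callerProject && r.Provider == provider && r.Owner == owner && r.Name == name {
			s.repos = append(s.repos[:i], s.repos[i+1:]...)
			return nil
		}
	}
	return ErrNotFound
}

// NewSampleStore builds constructed sample data: two projects, one repo each.
func NewSampleStore() *Store {
	return &Store{repos: []Repo{
		{ID: "r1", ProjectID: "project-alice", Provider: "github", Owner: "alice", Name: "app"},
		{ID: "r2", ProjectID: "project-bob", Provider: "github", Owner: "bob", Name: "infra"},
	}}
}

func main() {
	s := NewSampleStore()
	// Alice, authenticated in project-alice, asks for Bob's repository by name.
	if r, err := s.GetRepositoryByNameUnscoped("github", "bob", "infra"); err == nil {
		fmt.Println("unscoped lookup leaked:", r.ID)
	}
	if _, err := s.GetRepositoryByNameScoped("project-alice", "github", "bob", "infra"); err != nil {
		fmt.Println("scoped lookup denied:", err)
	}
}
```

The same check belongs on every name-keyed endpoint the advisory lists, including the artifact lookup, and the project identifier must come from the verified session or token, since a value echoed from the request is just another attacker-controlled column.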

    CVE-2024-27093 (GCVE-0-2024-27093)

    Vulnerability from nvd – Published: 2024-02-26 21:57 – Updated: 2024-08-27 19:43
    Title
    Minder trusts client-provided mapping from repo name to upstream ID
    Summary
    Minder is a Software Supply Chain Security Platform. In version 0.0.31 and earlier, it is possible for an attacker to register a repository with an invalid or differing upstream ID, which causes Minder to report the repository as registered, but not remediate any future changes which conflict with policy (because the webhooks for the repo do not match any known repository in the database). When attempting to register a repo with a different repo ID, the registered provider must have admin on the named repo, or a 404 error will result. Similarly, if the stored provider token does not have repo access, then the remediations will not apply successfully. Lastly, it appears that reconciliation actions do not execute against repos with this type of mismatch. This appears to primarily be a potential denial-of-service vulnerability. This vulnerability is patched in version 0.20240226.1425+ref.53868a8.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    GitHub_M
    References
    • https://github.com/stacklok/minder/security/advisories/GHSA-q6h8-4j2v-pjg4
    • https://github.com/stacklok/minder/commit/53868a878e93f29c43437f96dbc990b548e48d1d
    Impacted products
    Vendor: stacklok  Product: minder  Version: < 0.20240226.1425+ref.53868a8 (CNA)
    Vendor: stacklok  Product: minder  Version: 0 , < 0.20240226.1425+ref.53868a8 (git; CISA ADP)
        cpe:2.3:a:stacklok:minder:*:*:*:*:*:*:*:*

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T00:27:58.381Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/stacklok/minder/security/advisories/GHSA-q6h8-4j2v-pjg4",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/stacklok/minder/security/advisories/GHSA-q6h8-4j2v-pjg4"
              },
              {
                "name": "https://github.com/stacklok/minder/commit/53868a878e93f29c43437f96dbc990b548e48d1d",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/stacklok/minder/commit/53868a878e93f29c43437f96dbc990b548e48d1d"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:stacklok:minder:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "minder",
                "vendor": "stacklok",
                "versions": [
                  {
                    "lessThan": "0.20240226.1425\\+ref.53868a8",
                    "status": "affected",
                    "version": "0",
                    "versionType": "git"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-27093",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-02-27T18:24:55.540745Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-27T19:43:28.099Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "minder",
              "vendor": "stacklok",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 0.20240226.1425+ref.53868a8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Minder is a Software Supply Chain Security Platform. In version 0.0.31 and earlier, it is possible for an attacker to register a repository with a invalid or differing upstream ID, which causes Minder to report the repository as registered, but not remediate any future changes which conflict with policy (because the webhooks for the repo do not match any known repository in the database).  When attempting to register a repo with a different repo ID, the registered provider must have admin on the named repo, or a 404 error will result.  Similarly, if the stored provider token does not have repo access, then the remediations will not apply successfully.  Lastly, it appears that reconciliation actions do not execute against repos with this type of mismatch. This appears to primarily be a potential denial-of-service vulnerability.  This vulnerability is patched in version 0.20240226.1425+ref.53868a8."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20: Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-26T21:57:25.101Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/stacklok/minder/security/advisories/GHSA-q6h8-4j2v-pjg4",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/stacklok/minder/security/advisories/GHSA-q6h8-4j2v-pjg4"
            },
            {
              "name": "https://github.com/stacklok/minder/commit/53868a878e93f29c43437f96dbc990b548e48d1d",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/stacklok/minder/commit/53868a878e93f29c43437f96dbc990b548e48d1d"
            }
          ],
          "source": {
            "advisory": "GHSA-q6h8-4j2v-pjg4",
            "discovery": "UNKNOWN"
          },
          "title": "Minder trusts client-provided mapping from repo name to upstream ID"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-27093",
        "datePublished": "2024-02-26T21:57:25.101Z",
        "dateReserved": "2024-02-19T14:43:05.993Z",
        "dateUpdated": "2024-08-27T19:43:28.099Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
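The CVE-2024-27093 summary above describes a trust problem rather than a missing permission check: the client supplies both a repository name and an upstream ID, the server stores the pair as sent, and later webhook events, which carry the provider's real ID, never match the stored row. The Go program below is an added example of the flawed pattern beside a verified registration; it is not Minder's code, and the `Provider` interface, the fake provider, and the request and registration types are assumptions. The verified path resolves owner/name through the provider and persists the provider's ID; a client-supplied ID is accepted only when it agrees, and a mismatch is rejected rather than silently corrected so the caller learns its view of the repository is wrong.

```go
package main

import (
	"errors"
	"fmt"
)

// UpstreamRepo is what the provider (e.g. GitHub) reports for owner/name.
// Constructed for this example; not Minder's types.
type UpstreamRepo struct {
	ID    int64
	Owner string
	Name  string
}

// Provider resolves a repository name to its upstream record. In a real
// deployment this is an API call made with the stored provider token; here
// it is an interface so the example runs offline.
type Provider interface {
	Lookup(owner, name string) (UpstreamRepo, error)
}

// fakeProvider holds constructed sample data standing in for GitHub.
type fakeProvider struct{ repos map[string]UpstreamRepo }

func (f fakeProvider) Lookup(owner, name string) (UpstreamRepo, error) {
	r, ok := f.repos[owner+"/"+name]
	if !ok {
		return UpstreamRepo{}, errors.New("upstream: repository not found or no access")
	}
	return r, nil
}

// RegisterRequest is the client-supplied body. UpstreamID is the field the
// advisory says must not be trusted.
type RegisterRequest struct {
	Owner      string
	Name       string
	UpstreamID int64
}

// Registration is what gets persisted. In the verified path UpstreamID is
// always the provider-reported value.
type Registration struct {
	Owner      string
	Name       string
	UpstreamID int64
}

var ErrUpstreamMismatch = errors.New("client-supplied upstream ID does not match provider")

// RegisterTrusting reproduces the flawed pattern: store what the client sent.
// Webhooks later carry the real upstream ID and will not match this row.
func RegisterTrusting(req RegisterRequest) Registration {
	return Registration{Owner: req.Owner, Name: req.Name, UpstreamID: req.UpstreamID}
}

// RegisterVerified resolves owner/name through the provider and uses the
// provider's ID. A zero UpstreamID means the client made no claim.
func RegisterVerified(p Provider, req RegisterRequest) (Registration, error) {
	up, err := p.Lookup(req.Owner, req.Name)
	if err != nil {
		return Registration{}, err
	}
	if req.UpstreamID != 0 && req.UpstreamID != up.ID {
		return Registration{}, ErrUpstreamMismatch
	}
	return Registration{Owner: up.Owner, Name: up.Name, UpstreamID: up.ID}, nil
}

// WebhookMatches is the attribution step the advisory describes failing:
// an incoming event is tied to a registration by upstream ID, not by name.
func WebhookMatches(reg Registration, eventRepoID int64) bool {
	return reg.UpstreamID == eventRepoID
}

// NewFakeProvider returns constructed sample data: one repository, ID 1001.
func NewFakeProvider() Provider {
	return fakeProvider{repos: map[string]UpstreamRepo{
		"acme/api": {ID: 1001, Owner: "acme", Name: "api"},
	}}
}

func main() {
	p := NewFakeProvider()
	// The client claims acme/api has upstream ID 9999; the provider says 1001.
	req := RegisterRequest{Owner: "acme", Name: "api", UpstreamID: 9999}
	reg := RegisterTrusting(req)
	fmt.Println("trusting registration matches real webhook?", WebhookMatches(reg, 1001))
	if _, err := RegisterVerified(p, req); err != nil {
		fmt.Println("verified registration rejected:", err)
	}
}
```

Resolving through the provider also surfaces the access conditions the summary mentions: if the stored token cannot see the repository, registration fails up front instead of producing a row that reports as registered but never receives matching events.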
