All the vulnerabilites related to PostHog - posthog
cve-2023-46746
Vulnerability from cvelistv5
Published
2023-12-01 21:53
Modified
2024-08-02 20:53
Summary
Authenticated PostHog users vulnerable to SSRF
Impacted products
PostHogposthog
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:53:20.967Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/PostHog/posthog/security/advisories/GHSA-wqqw-r8c5-j67c",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/PostHog/posthog/security/advisories/GHSA-wqqw-r8c5-j67c"
          },
          {
            "name": "https://github.com/PostHog/posthog/commit/22bd5942638d5d9bc4bd603a9bfe8f8a95572292",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/PostHog/posthog/commit/22bd5942638d5d9bc4bd603a9bfe8f8a95572292"
          },
          {
            "name": "https://securitylab.github.com/advisories/GHSL-2023-185_posthog_posthog/",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://securitylab.github.com/advisories/GHSL-2023-185_posthog_posthog/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "posthog",
          "vendor": "PostHog",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c=1.43.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "PostHog provides open-source product analytics, session recording, feature flagging and A/B testing that you can self-host. A server-side request forgery (SSRF), which can only be exploited by authenticated users, was found in Posthog. Posthog did not verify whether a URL was local when enabling webhooks, allowing authenticated users to forge a POST request. This vulnerability has been addressed in `22bd5942` and will be included in subsequent releases. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918: Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-11T18:25:11.493Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/PostHog/posthog/security/advisories/GHSA-wqqw-r8c5-j67c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/PostHog/posthog/security/advisories/GHSA-wqqw-r8c5-j67c"
        },
        {
          "name": "https://github.com/PostHog/posthog/commit/22bd5942638d5d9bc4bd603a9bfe8f8a95572292",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/PostHog/posthog/commit/22bd5942638d5d9bc4bd603a9bfe8f8a95572292"
        },
        {
          "name": "https://securitylab.github.com/advisories/GHSL-2023-185_posthog_posthog/",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://securitylab.github.com/advisories/GHSL-2023-185_posthog_posthog/"
        }
      ],
      "source": {
        "advisory": "GHSA-wqqw-r8c5-j67c",
        "discovery": "UNKNOWN"
      },
      "title": "Authenticated PostHog users vulnerable to SSRF"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-46746",
    "datePublished": "2023-12-01T21:53:19.584Z",
    "dateReserved": "2023-10-25T14:30:33.753Z",
    "dateUpdated": "2024-08-02T20:53:20.967Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-9710
Vulnerability from cvelistv5
Published
2024-11-22 20:24
Modified
2024-11-22 20:24
Summary
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability
Impacted products
PostHogPostHog
Show details on NVD website


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "PostHog",
          "vendor": "PostHog",
          "versions": [
            {
              "status": "affected",
              "version": "b8817c14065c23159dcf52849f0bdcd12516c43e"
            }
          ]
        }
      ],
      "dateAssigned": "2024-10-09T14:36:43.386-05:00",
      "datePublic": "2024-10-15T10:37:33.453-05:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the database_schema method. The issue results from the lack of proper validation of a URI prior to accessing resources. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-25351."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918: Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:24:41.179Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1383",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1383/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/PostHog/posthog/pull/25388"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Mehmet INCE (@mdisec) from PRODAFT.com"
      },
      "title": "PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-9710",
    "datePublished": "2024-11-22T20:24:41.179Z",
    "dateReserved": "2024-10-09T19:36:43.343Z",
    "dateUpdated": "2024-11-22T20:24:41.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0645
Vulnerability from cvelistv5
Published
2022-04-19 11:20
Modified
2024-08-02 23:32
Summary
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in posthog/posthog
Impacted products
posthogposthog/posthog
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:32:46.538Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "posthog/posthog",
          "vendor": "posthog",
          "versions": [
            {
              "lessThan": "1.34.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601 URL Redirection to Untrusted Site",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T11:25:09",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038"
        }
      ],
      "source": {
        "advisory": "c13258a2-30e3-4261-9a3b-2f39c49a8bd6",
        "discovery": "EXTERNAL"
      },
      "title": "Open redirect vulnerability via endpoint authorize_and_redirect/?redirect=  in posthog/posthog",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@huntr.dev",
          "ID": "CVE-2022-0645",
          "STATE": "PUBLIC",
          "TITLE": "Open redirect vulnerability via endpoint authorize_and_redirect/?redirect=  in posthog/posthog"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "posthog/posthog",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "1.34.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "posthog"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-601 URL Redirection to Untrusted Site"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6",
              "refsource": "CONFIRM",
              "url": "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6"
            },
            {
              "name": "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038",
              "refsource": "MISC",
              "url": "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038"
            }
          ]
        },
        "source": {
          "advisory": "c13258a2-30e3-4261-9a3b-2f39c49a8bd6",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2022-0645",
    "datePublished": "2022-04-19T11:20:10",
    "dateReserved": "2022-02-16T00:00:00",
    "dateUpdated": "2024-08-02T23:32:46.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}