CVE-2024-21541
Vulnerability from cvelistv5
Published
2024-11-13 05:00
Modified
2024-11-14 16:04
Severity ?
EPSS score ?
Summary
All versions of the package dom-iterator are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval.
References
▼ | URL | Tags | |
---|---|---|---|
report@snyk.io | https://security.snyk.io/vuln/SNYK-JS-DOMITERATOR-6157199 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | dom-iterator |
Version: 0 ≤ |
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:dom-iterator:dom-iterator:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dom-iterator", "vendor": "dom-iterator", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-21541", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-14T16:00:24.678420Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-14T16:04:30.877Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dom-iterator", "vendor": "n/a", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "value": "NodeMedic-FINE" } ], "descriptions": [ { "lang": "en", "value": "All versions of the package dom-iterator are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "Arbitrary Code Execution", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T05:00:12.270Z", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "url": "https://security.snyk.io/vuln/SNYK-JS-DOMITERATOR-6157199" } ] } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2024-21541", "datePublished": "2024-11-13T05:00:12.270Z", "dateReserved": "2023-12-22T12:33:20.123Z", "dateUpdated": "2024-11-14T16:04:30.877Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-21541\",\"sourceIdentifier\":\"report@snyk.io\",\"published\":\"2024-11-13T05:15:14.680\",\"lastModified\":\"2024-11-19T16:20:37.887\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"All versions of the package dom-iterator are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval.\"},{\"lang\":\"es\",\"value\":\"Todas las versiones del paquete dom-iterator son vulnerables a la ejecuci\u00f3n de c\u00f3digo arbitrario debido al uso del constructor Function sin una desinfecci\u00f3n completa de la entrada. Function genera un nuevo cuerpo de funci\u00f3n y, por lo tanto, se debe tener cuidado para garantizar que las entradas a Function no est\u00e9n controladas por un atacante. Los riesgos involucrados son similares a los de permitir que la entrada controlada por un atacante llegue a eval.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"report@snyk.io\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:matthewmueller:dom-iterator:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"1.0.0\",\"matchCriteriaId\":\"23F03C7B-1A8B-4FB7-9A5D-FE3C08D3ED56\"}]}]}],\"references\":[{\"url\":\"https://security.snyk.io/vuln/SNYK-JS-DOMITERATOR-6157199\",\"source\":\"report@snyk.io\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.