GHSA-H9W6-F932-GQ62

Vulnerability from github – Published: 2025-04-18 15:10 – Updated: 2025-04-18 18:34
VLAI?
Summary
ses's global contour bindings leak into Compartment lexical scope
Details

Impact

Web pages and web extensions using ses and the Compartment API to evaluate third-party code in an isolated execution environment that have also elsewhere used const, let, and class bindings in the top-level scope of a <script> tag will have inadvertently revealed these bindings in the lexical scope of third-party code.

Patches

This compromise is addressed in ses version 1.12.0. The mechanism for confining third-party code involves a with block and a semi-opaque scope Proxy. The proxy previously revealed any named property to the surrounding lexical scope if it were absent on globalThis, so that the third-party code would receive an informative ReferenceError, relying on the invalid assumption that only properties of globalThis are in the top-level lexical scope. The solution makes the scope proxy fully opaque. Consequently, accessing an unbound free lexical name will produce undefined instead of throwing ReferenceError. Assigning to an unbound free lexical name will continue to throw a ReferenceError.

Workarounds

This problem can be mitigated either by avoiding top-level let, const, or class bindings in <script> tags, which is an existing industry best-practice, or change these to var bindings to be reflected on globalThis, or upgrade ses to version 1.12.0 or greater.

Some bundlers by default transform top-level let, const, and class bindings to var.

Disclosure

This vulnerability was disclosed by @mingijunggrape in the course of their studies at UNIST (Ulsan National Institute of Science and Technology) as a member of the Web Security Lab (https://websec-lab.github.io/).

Severity ?
8.7 (High)
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "ses"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.12.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-32792"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-497"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-18T15:10:05Z",
    "nvd_published_at": "2025-04-18T16:15:23Z",
    "severity": "HIGH"
  },
  "details": "### Impact\n\nWeb pages and web extensions using `ses` and the `Compartment` API to evaluate third-party code in an isolated execution environment that have also elsewhere used `const`, `let`, and `class` bindings in the top-level scope of a `\u003cscript\u003e` tag will have inadvertently revealed these bindings in the lexical scope of third-party code.\n\n### Patches\n\nThis compromise is addressed in `ses` version `1.12.0`. The mechanism for confining third-party code involves a `with` block and a semi-opaque scope `Proxy`. The proxy previously revealed any named property to the surrounding lexical scope if it were absent on `globalThis`, so that the third-party code would receive an informative `ReferenceError`, relying on the invalid assumption that only properties of `globalThis` are in the top-level lexical scope. The solution makes the scope proxy fully opaque. Consequently, accessing an unbound free lexical name will produce `undefined` instead of throwing `ReferenceError`.\nAssigning to an unbound free lexical name will continue to throw a `ReferenceError`.\n\n### Workarounds\n\nThis problem can be mitigated either by avoiding top-level `let`, `const`, or `class` bindings in `\u003cscript\u003e` tags, which is an existing industry best-practice, or change these to `var` bindings to be reflected on `globalThis`, or upgrade `ses` to version `1.12.0` or greater.\n\nSome bundlers by default transform top-level `let`, `const`, and `class` bindings to `var`.\n\n### Disclosure\n\nThis vulnerability was disclosed by @mingijunggrape in the course of their studies at UNIST (Ulsan National Institute of Science and Technology) as a member of the Web Security Lab (https://websec-lab.github.io/).",
  "id": "GHSA-h9w6-f932-gq62",
  "modified": "2025-04-18T18:34:51Z",
  "published": "2025-04-18T15:10:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/endojs/endo/security/advisories/GHSA-h9w6-f932-gq62"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32792"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/endojs/endo"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "ses\u0027s global contour bindings leak into Compartment lexical scope"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.