cvelistv5 - cve-2014-6393

CVE-2014-6393 (GCVE-0-2014-6393)

Vulnerability from cvelistv5 – Published: 2017-08-09 18:00 – Updated: 2024-08-06 12:17

Summary

The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://nodesecurity.io/advisories/express-no-cha…	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1203190	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T12:17:23.956Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-09T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-6393",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header",
              "refsource": "CONFIRM",
              "url": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-6393",
    "datePublished": "2017-08-09T18:00:00",
    "dateReserved": "2014-09-15T00:00:00",
    "dateUpdated": "2024-08-06T12:17:23.956Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.10.5\", \"matchCriteriaId\": \"F3044B30-C7BD-4472-B79F-1B1CF6678B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7048C98D-3862-4067-BBD9-FED2488EAAA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41978223-8371-41B6-A5AA-C270357ECE88\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DC94FA3-2F6E-4C11-AFF9-EBE99661E3CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3EE054C-7B48-46FC-B048-458A138718A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CAF101E-20FC-40EC-9566-6274E24D668D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E93C3DE-988C-47D9-84BB-0579D83A05C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E80EDF16-E5CF-4B61-B041-54D2D33B2A13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89706C45-EE55-4778-AE2A-53DCFFEC45D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C29C2745-5E28-42EE-AA8D-5EAB394AC813\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13FFEADC-67C9-4270-B832-696BF41ADE2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F8DC1AA-D87C-4DC6-9735-56A78719E96A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B020CA0-739E-4404-A1D1-59B826F3DC3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"080B58C4-1910-43C5-AAF6-2134416E9685\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openjsf:express:4.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F71DFB79-FD8C-4470-8B3B-8FA1E4FE2F41\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding.\"}, {\"lang\": \"es\", \"value\": \"El framework web Express en versiones anteriores a la 3.11 y en versiones 4.x anteriores a la 4.5 para Node.js no proporciona un campo charset en los encabezados HTTP Content-Type en respuestas de nivel 400. Esto permitir\\u00eda que atacantes remotos llevasen a cabo ataques de tipo cross-site scripting (XSS) mediante caracteres en una codificaci\\u00f3n no est\\u00e1ndar.\"}]",
      "id": "CVE-2014-6393",
      "lastModified": "2024-11-21T02:14:18.290",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2017-08-09T18:29:00.480",
      "references": "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1203190\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://nodesecurity.io/advisories/express-no-charset-in-content-type-header\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1203190\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://nodesecurity.io/advisories/express-no-charset-in-content-type-header\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-6393\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-08-09T18:29:00.480\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding.\"},{\"lang\":\"es\",\"value\":\"El framework web Express en versiones anteriores a la 3.11 y en versiones 4.x anteriores a la 4.5 para Node.js no proporciona un campo charset en los encabezados HTTP Content-Type en respuestas de nivel 400. Esto permitir\u00eda que atacantes remotos llevasen a cabo ataques de tipo cross-site scripting (XSS) mediante caracteres en una codificaci\u00f3n no est\u00e1ndar.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.10.5\",\"matchCriteriaId\":\"F3044B30-C7BD-4472-B79F-1B1CF6678B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7048C98D-3862-4067-BBD9-FED2488EAAA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41978223-8371-41B6-A5AA-C270357ECE88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DC94FA3-2F6E-4C11-AFF9-EBE99661E3CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3EE054C-7B48-46FC-B048-458A138718A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAF101E-20FC-40EC-9566-6274E24D668D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E93C3DE-988C-47D9-84BB-0579D83A05C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E80EDF16-E5CF-4B61-B041-54D2D33B2A13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89706C45-EE55-4778-AE2A-53DCFFEC45D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C29C2745-5E28-42EE-AA8D-5EAB394AC813\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13FFEADC-67C9-4270-B832-696BF41ADE2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F8DC1AA-D87C-4DC6-9735-56A78719E96A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B020CA0-739E-4404-A1D1-59B826F3DC3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"080B58C4-1910-43C5-AAF6-2134416E9685\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:4.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71DFB79-FD8C-4470-8B3B-8FA1E4FE2F41\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1203190\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://nodesecurity.io/advisories/express-no-charset-in-content-type-header\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1203190\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://nodesecurity.io/advisories/express-no-charset-in-content-type-header\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

CNVD-2017-28780

Vulnerability from cnvd - Published: 2017-09-29

Title

Joyent Node.js Express web framework跨站脚本漏洞

Description

Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。Express web framework是其中的一个轻量级Web框架。 Joyent Node.js中的Express web framework 3.11之前的版本和4.5之前的4.x版本存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。

Severity

中

Patch Name

Joyent Node.js Express web framework跨站脚本漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://nodesecurity.io/advisories/express-no-charset-in-content-type-header

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=1203190

Impacted products

Name
['Joyent Node.js 50', 'Joyent Node.js <=3.11', 'Joyent Node.js 4.*，<4.5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2014-6393"
    }
  },
  "description": "Joyent Node.js\u662f\u7f8e\u56fdJoyent\u516c\u53f8\u7684\u4e00\u5957\u5efa\u7acb\u5728Google V8 JavaScript\u5f15\u64ce\u4e4b\u4e0a\u7684\u7f51\u7edc\u5e94\u7528\u5e73\u53f0\u3002Express web framework\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u8f7b\u91cf\u7ea7Web\u6846\u67b6\u3002\r\n\r\nJoyent Node.js\u4e2d\u7684Express web framework 3.11\u4e4b\u524d\u7684\u7248\u672c\u548c4.5\u4e4b\u524d\u76844.x\u7248\u672c\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610f\u7684Web\u811a\u672c\u6216HTML\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://nodesecurity.io/advisories/express-no-charset-in-content-type-header",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-28780",
  "openTime": "2017-09-29",
  "patchDescription": "Joyent Node.js\u662f\u7f8e\u56fdJoyent\u516c\u53f8\u7684\u4e00\u5957\u5efa\u7acb\u5728Google V8 JavaScript\u5f15\u64ce\u4e4b\u4e0a\u7684\u7f51\u7edc\u5e94\u7528\u5e73\u53f0\u3002Express web framework\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u8f7b\u91cf\u7ea7Web\u6846\u67b6\u3002\r\n\r\nJoyent Node.js\u4e2d\u7684Express web framework 3.11\u4e4b\u524d\u7684\u7248\u672c\u548c4.5\u4e4b\u524d\u76844.x\u7248\u672c\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610f\u7684Web\u811a\u672c\u6216HTML\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Joyent Node.js Express web framework\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Joyent Node.js 50",
      "Joyent Node.js \u003c=3.11",
      "Joyent Node.js  4.*\uff0c\u003c4.5"
    ]
  },
  "referenceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190",
  "serverity": "\u4e2d",
  "submitTime": "2017-08-17",
  "title": "Joyent Node.js Express web framework\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

FKIE_CVE-2014-6393

Vulnerability from fkie_nvd - Published: 2017-08-09 18:29 - Updated: 2025-04-20 01:37

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=1203190	Issue Tracking, Third Party Advisory, VDB Entry
cve@mitre.org	https://nodesecurity.io/advisories/express-no-charset-in-content-type-header	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1203190	Issue Tracking, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://nodesecurity.io/advisories/express-no-charset-in-content-type-header	Third Party Advisory

Impacted products

Vendor	Product	Version
openjsf	express	*
openjsf	express	4.0.0
openjsf	express	4.1.0
openjsf	express	4.1.1
openjsf	express	4.1.2
openjsf	express	4.2.0
openjsf	express	4.3.0
openjsf	express	4.3.1
openjsf	express	4.3.2
openjsf	express	4.4.0
openjsf	express	4.4.1
openjsf	express	4.4.2
openjsf	express	4.4.3
openjsf	express	4.4.4
openjsf	express	4.4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openjsf:express:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3044B30-C7BD-4472-B79F-1B1CF6678B83",
              "versionEndIncluding": "3.10.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7048C98D-3862-4067-BBD9-FED2488EAAA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "41978223-8371-41B6-A5AA-C270357ECE88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC94FA3-2F6E-4C11-AFF9-EBE99661E3CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3EE054C-7B48-46FC-B048-458A138718A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CAF101E-20FC-40EC-9566-6274E24D668D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E93C3DE-988C-47D9-84BB-0579D83A05C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E80EDF16-E5CF-4B61-B041-54D2D33B2A13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "89706C45-EE55-4778-AE2A-53DCFFEC45D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C29C2745-5E28-42EE-AA8D-5EAB394AC813",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13FFEADC-67C9-4270-B832-696BF41ADE2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F8DC1AA-D87C-4DC6-9735-56A78719E96A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B020CA0-739E-4404-A1D1-59B826F3DC3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "080B58C4-1910-43C5-AAF6-2134416E9685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openjsf:express:4.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71DFB79-FD8C-4470-8B3B-8FA1E4FE2F41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding."
    },
    {
      "lang": "es",
      "value": "El framework web Express en versiones anteriores a la 3.11 y en versiones 4.x anteriores a la 4.5 para Node.js no proporciona un campo charset en los encabezados HTTP Content-Type en respuestas de nivel 400. Esto permitir\u00eda que atacantes remotos llevasen a cabo ataques de tipo cross-site scripting (XSS) mediante caracteres en una codificaci\u00f3n no est\u00e1ndar."
    }
  ],
  "id": "CVE-2014-6393",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-08-09T18:29:00.480",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2014-6393

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-6393

Aliases

CVE-2014-6393

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-6393",
    "description": "The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding.",
    "id": "GSD-2014-6393"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-6393"
      ],
      "details": "The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding.",
      "id": "GSD-2014-6393",
      "modified": "2023-12-13T01:22:50.253569Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-6393",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header",
            "refsource": "CONFIRM",
            "url": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c3.11.0 || \u003e=4.0.0-rc1 \u003c4.5.0",
          "affected_versions": "All versions before 3.11.0, all versions starting from 4.0.0-rc1 before 4.5.0",
          "credit": "Pawe\u0142 Ha\u0142drzy\u0144ski",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2017-08-18",
          "description": "Express do not specify a charset field in the content-type header while displaying level response messages. The lack of enforcing user\u0027s browser to set correct charset, could be leveraged by an attacker to perform a cross-site scripting attack, using non-standard encodings, like UTF-7.",
          "fixed_versions": [
            "3.11.0",
            "4.5.0"
          ],
          "identifier": "CVE-2014-6393",
          "identifiers": [
            "CVE-2014-6393"
          ],
          "not_impacted": "All versions starting from 3.11.0 before 4.0.0-rc1, all versions starting from 4.5.0",
          "package_slug": "npm/express",
          "pubdate": "2017-08-09",
          "solution": "Upgrade to versions 3.11.0, 4.5.0 or above.",
          "title": "No Charset in Content-Type Header",
          "urls": [
            "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6393"
          ],
          "uuid": "d5cb7112-f79e-4496-8417-7d42047f108a"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.10.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openjsf:express:4.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-6393"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://nodesecurity.io/advisories/express-no-charset-in-content-type-header"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2021-07-30T16:36Z",
      "publishedDate": "2017-08-09T18:29Z"
    }
  }
}

GHSA-GPVR-G6GH-9MC2

Vulnerability from github – Published: 2018-10-23 17:22 – Updated: 2021-08-02 22:35

Summary

No Charset in Content-Type Header in express

Details

Vulnerable versions of express do not specify a charset field in the content-type header while displaying 400 level response messages. The lack of enforcing user's browser to set correct charset, could be leveraged by an attacker to perform a cross-site scripting attack, using non-standard encodings, like UTF-7.

Recommendation

For express 3.x, update express to version 3.11 or later. For express 4.x, update express to version 4.5 or later.

Severity ?

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "express"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.11.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "express"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2014-6393"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:37:54Z",
    "nvd_published_at": "2017-08-09T18:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Vulnerable versions of express do not specify a charset field in the content-type header while displaying 400 level response messages. The lack of enforcing user\u0027s browser to set correct charset, could be leveraged by an attacker to perform a cross-site scripting attack, using non-standard encodings, like UTF-7.\n\n\n## Recommendation\n\nFor express 3.x, update express to version 3.11 or later.\nFor express 4.x, update express to version 4.5 or later. ",
  "id": "GHSA-gpvr-g6gh-9mc2",
  "modified": "2021-08-02T22:35:12Z",
  "published": "2018-10-23T17:22:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6393"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203190"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-gpvr-g6gh-9mc2"
    },
    {
      "type": "WEB",
      "url": "https://www.npmjs.com/advisories/8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "No Charset in Content-Type Header in express"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-6393 (GCVE-0-2014-6393)

CNVD-2017-28780

FKIE_CVE-2014-6393

GSD-2014-6393

GHSA-GPVR-G6GH-9MC2

Recommendation

Tags

Sightings

Nomenclature