FKIE_CVE-2022-24833

Vulnerability from fkie_nvd - Published: 2022-04-11 21:15 - Updated: 2024-11-21 06:51
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
PrivateBin is minimalist, open source online pastebin clone where the server has zero knowledge of pasted data. In PrivateBin < v1.4.0 a cross-site scripting (XSS) vulnerability was found. The vulnerability is present in all versions from v0.21 of the project, which was at the time still called ZeroBin. The issue is caused by the fact that SVGs can contain JavaScript. This can allow an attacker to execute code, if the user opens a paste with a specifically crafted SVG attachment, and interacts with the preview image and the instance isn't protected by an appropriate content security policy. Users are advised to either upgrade to version 1.4.0 or to ensure the content security policy of their instance is set correctly.
References
security-advisories@github.comhttps://github.com/PrivateBin/PrivateBin/commit/2a4d572c1e9eb9b608d32b0cc0cb3b6c3b684eabPatch, Third Party Advisory
security-advisories@github.comhttps://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvwExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/PrivateBin/PrivateBin/commit/2a4d572c1e9eb9b608d32b0cc0cb3b6c3b684eabPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvwExploit, Third Party Advisory
Impacted products
Vendor Product Version
privatebin privatebin *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:privatebin:privatebin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC75A39A-6AC5-40B1-A781-48691EC6720F",
              "versionEndExcluding": "1.4.0",
              "versionStartIncluding": "0.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "PrivateBin is minimalist, open source online pastebin clone where the server has zero knowledge of pasted data. In PrivateBin \u003c v1.4.0 a cross-site scripting (XSS) vulnerability was found. The vulnerability is present in all versions from v0.21 of the project, which was at the time still called ZeroBin. The issue is caused by the fact that SVGs can contain JavaScript. This can allow an attacker to execute code, if the user opens a paste with a specifically crafted SVG attachment, and interacts with the preview image and the instance isn\u0027t protected by an appropriate content security policy. Users are advised to either upgrade to version 1.4.0 or to ensure the content security policy of their instance is set correctly."
    },
    {
      "lang": "es",
      "value": "PrivateBin es un clon de pastebin online minimalista y de c\u00f3digo abierto en el que el servidor no presenta conocimiento de los datos pegados. En PrivateBin versiones anteriores a v1.4.0, se ha encontrado una vulnerabilidad de tipo cross-site scripting (XSS). La vulnerabilidad est\u00e1 presente en todas las versiones a partir de la versi\u00f3n v0.21 del proyecto, que en ese momento todav\u00eda era llamado ZeroBin. El problema est\u00e1 causado por el hecho de que los SVG pueden contener JavaScript. Esto puede permitir a un atacante ejecutar c\u00f3digo, si el usuario abre una pasta con un archivo adjunto SVG espec\u00edficamente dise\u00f1ado, e interact\u00faa con la imagen de vista previa y la instancia no est\u00e1 protegida por una pol\u00edtica de seguridad de contenido apropiada. Es recomendado a usuarios actualizar a versi\u00f3n 1.4.0, o que aseguren de que la pol\u00edtica de seguridad de contenidos de su instancia est\u00e1 configurada correctamente"
    }
  ],
  "id": "CVE-2022-24833",
  "lastModified": "2024-11-21T06:51:11.973",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-11T21:15:08.640",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/PrivateBin/PrivateBin/commit/2a4d572c1e9eb9b608d32b0cc0cb3b6c3b684eab"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/PrivateBin/PrivateBin/commit/2a4d572c1e9eb9b608d32b0cc0cb3b6c3b684eab"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-cqcc-mm6x-vmvw"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.