dovgalyuk / garageshelves Goto Github PK

Vulnerable Libraries - minimist-0.0.8.tgz, minimist-0.0.10.tgz, minimist-1.2.0.tgz

Found in HEAD commit: b75e11e983f71620ec5cc7c7559d8295f79be655

Vulnerability Details

minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "proto" payload.

Publish Date: 2020-03-11

URL: CVE-2020-7598

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94

Release Date: 2020-03-11

Fix Resolution: minimist - 0.2.1,1.2.3

Vulnerable Library - kind-of-6.0.2.tgz

Get the native type of a value.

Library home page: https://registry.npmjs.org/kind-of/-/kind-of-6.0.2.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/base/node_modules/kind-of/package.json

Dependency Hierarchy:

• react-scripts-3.3.0.tgz (Root Library)
  • webpack-4.41.2.tgz
    • micromatch-3.1.10.tgz
      • extglob-2.0.4.tgz
        • define-property-1.0.0.tgz
          • is-descriptor-1.0.2.tgz
            • ❌ kind-of-6.0.2.tgz (Vulnerable Library)

Found in HEAD commit: b75e11e983f71620ec5cc7c7559d8295f79be655

Vulnerability Details

Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation.

Publish Date: 2020-03-18

URL: WS-2019-0381

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: jonschlinkert/kind-of@975c13a

Release Date: 2020-03-18

Fix Resolution: kind-of - 6.0.3

Vulnerable Library - elliptic-6.5.2.tgz

EC cryptography

Library home page: https://registry.npmjs.org/elliptic/-/elliptic-6.5.2.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/elliptic/package.json

Dependency Hierarchy:

• react-scripts-3.4.1.tgz (Root Library)
  • webpack-4.42.0.tgz
    • node-libs-browser-2.2.1.tgz
      • crypto-browserify-3.12.0.tgz
        • browserify-sign-4.0.4.tgz
          • ❌ elliptic-6.5.2.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.

Publish Date: 2020-06-04

URL: CVE-2020-13822

CVSS 3 Score Details (7.7)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Origin: https://github.com/indutny/elliptic/tree/v6.5.3

Release Date: 2020-06-04

Fix Resolution: v6.5.3

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: f59f6e497a1fbfcea9b489b066ff0e273545fd30

Vulnerability Details

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.

Publish Date: 2020-01-03

URL: CVE-2020-5311

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5311

Release Date: 2020-01-03

Fix Resolution: 7.0.0

Vulnerable Library - jquery-1.7.1.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.7.1/jquery.min.js

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html

Path to vulnerable library: /GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/multiplex/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/express-3.x/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/echo/index.html

Dependency Hierarchy:

• ❌ jquery-1.7.1.min.js (Vulnerable Library)

Found in HEAD commit: 28aadcd182265edd5a301a44b505ecdafd9402f7

Vulnerability Details

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

Publish Date: 2018-01-18

URL: CVE-2015-9251

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251

Release Date: 2018-01-18

Fix Resolution: jQuery - v3.0.0

Vulnerable Library - jquery-3.3.1.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/public/index.html

Path to vulnerable library: /GarageShelves/react_shelves/public/index.html

Dependency Hierarchy:

• ❌ jquery-3.3.1.min.js (Vulnerable Library)

Found in HEAD commit: 28aadcd182265edd5a301a44b505ecdafd9402f7

Vulnerability Details

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

Publish Date: 2019-04-20

URL: CVE-2019-11358

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Change files

Origin: jquery/jquery@753d591

Release Date: 2019-03-25

Fix Resolution: Replace or update the following files: core.js, core.js

Vulnerable Library - jquery-1.7.1.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.7.1/jquery.min.js

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html

Path to vulnerable library: /GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/multiplex/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/express-3.x/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/echo/index.html

Dependency Hierarchy:

• ❌ jquery-1.7.1.min.js (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.

Publish Date: 2020-05-19

URL: CVE-2020-7656

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: rails/jquery-rails@8f601cb

Release Date: 2020-05-19

Fix Resolution: jquery-rails - 2.2.0

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.

Publish Date: 2020-06-25

URL: CVE-2020-11538

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: python-pillow/Pillow@41b554b

Release Date: 2020-06-25

Fix Resolution: 7.1.0

Vulnerable Library - jquery-1.7.1.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.7.1/jquery.min.js

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html

Path to vulnerable library: /GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/multiplex/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/express-3.x/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/echo/index.html

Dependency Hierarchy:

• ❌ jquery-1.7.1.min.js (Vulnerable Library)

Found in HEAD commit: 28aadcd182265edd5a301a44b505ecdafd9402f7

Vulnerability Details

jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

Publish Date: 2018-01-18

URL: CVE-2012-6708

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708

Release Date: 2018-01-18

Fix Resolution: jQuery - v1.9.0

Vulnerable Library - ajv-6.12.0.tgz

Another JSON Schema Validator

Library home page: https://registry.npmjs.org/ajv/-/ajv-6.12.0.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/ajv/package.json

Dependency Hierarchy:

• react-scripts-3.4.1.tgz (Root Library)
  • eslint-6.8.0.tgz
    • ❌ ajv-6.12.0.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.)

Publish Date: 2020-07-15

URL: CVE-2020-15366

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://github.com/ajv-validator/ajv/releases/tag/v6.12.3

Release Date: 2020-07-15

Fix Resolution: ajv - 6.12.3

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.

Publish Date: 2020-06-25

URL: CVE-2020-10378

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: python-pillow/Pillow@41b554b

Release Date: 2020-06-25

Fix Resolution: 7.1.0

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: f59f6e497a1fbfcea9b489b066ff0e273545fd30

Vulnerability Details

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.

Publish Date: 2020-01-03

URL: CVE-2020-5312

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5312

Release Date: 2020-01-03

Fix Resolution: 7.0.0

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.

Publish Date: 2020-06-25

URL: CVE-2020-10379

CVSS 3 Score Details (7.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: python-pillow/Pillow@41b554b

Release Date: 2020-06-25

Fix Resolution: 7.1.0

Vulnerable Library - serialize-javascript-2.1.2.tgz

Serialize JavaScript to a superset of JSON that includes regular expressions and functions.

Library home page: https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-2.1.2.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/serialize-javascript/package.json

Dependency Hierarchy:

• react-scripts-3.4.1.tgz (Root Library)
  • terser-webpack-plugin-2.3.5.tgz
    • ❌ serialize-javascript-2.1.2.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js".

Publish Date: 2020-06-01

URL: CVE-2020-7660

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7660

Release Date: 2020-06-01

Fix Resolution: serialize-javascript - 3.1.0

Vulnerable Library - dot-prop-4.2.0.tgz

Get, set, or delete a property from a nested object using a dot path

Library home page: https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/dot-prop/package.json

Dependency Hierarchy:

• react-scripts-3.3.0.tgz (Root Library)
  • optimize-css-assets-webpack-plugin-5.0.3.tgz
    • cssnano-4.1.10.tgz
      • cssnano-preset-default-4.0.7.tgz
        • postcss-merge-rules-4.0.3.tgz
          • postcss-selector-parser-3.1.1.tgz
            • ❌ dot-prop-4.2.0.tgz (Vulnerable Library)

Found in HEAD commit: c65b370f9b884925b5e7001d336cba7cf6209db9

Vulnerability Details

Prototype pollution vulnerability in dot-prop npm package version 5.1.0 and earlier allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.

Publish Date: 2020-02-04

URL: CVE-2020-8116

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8116

Release Date: 2020-02-04

Fix Resolution: dot-prop - 5.1.1

Vulnerable Library - jquery-1.7.1.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.7.1/jquery.min.js

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html

Path to vulnerable library: /GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/multiplex/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/express-3.x/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/echo/index.html

Dependency Hierarchy:

• ❌ jquery-1.7.1.min.js (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11022

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

Release Date: 2020-04-29

Fix Resolution: jQuery - 3.5.0

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.

Publish Date: 2020-06-25

URL: CVE-2020-10177

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: python-pillow/Pillow@41b554b

Release Date: 2020-06-25

Fix Resolution: 7.1.0

Vulnerable Library - hoek-8.5.0.tgz

General purpose node utilities

Library home page: https://registry.npmjs.org/@hapi/hoek/-/hoek-8.5.0.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/@hapi/hoek/package.json

Dependency Hierarchy:

• react-scripts-3.3.0.tgz (Root Library)
  • workbox-webpack-plugin-4.3.1.tgz
    • workbox-build-4.3.1.tgz
      • joi-15.1.1.tgz
        • ❌ hoek-8.5.0.tgz (Vulnerable Library)

Found in HEAD commit: c65b370f9b884925b5e7001d336cba7cf6209db9

Vulnerability Details

Versions of @hapi/hoek prior to 8.5.1 and 9.0.3 are vulnerable to Prototype Pollution. The clone function fails to prevent the modification of the Object prototype when passed specially-crafted input. Attackers may use this to change existing properties that exist in all objects, which may lead to Denial of Service or Remote Code Execution in specific circumstances. This issue does not affect hapi applications since the framework protects against such malicious inputs. Applications that use @hapi/hoek outside of the hapi ecosystem may be vulnerable.

Publish Date: 2020-02-11

URL: WS-2020-0011

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: hapijs/hoek@v9.0.2...v9.0.3

Release Date: 2020-02-11

Fix Resolution: 9.0.3,8.5.1

Vulnerable Libraries - yargs-parser-13.1.1.tgz, yargs-parser-11.1.1.tgz

Found in HEAD commit: b75e11e983f71620ec5cc7c7559d8295f79be655

Vulnerability Details

yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "proto" payload.

Publish Date: 2020-03-16

URL: CVE-2020-7608

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7608

Release Date: 2020-03-16

Fix Resolution: v18.1.1;13.1.2;15.0.1

Vulnerable Library - http-proxy-1.18.0.tgz

HTTP proxying for the masses

Library home page: https://registry.npmjs.org/http-proxy/-/http-proxy-1.18.0.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/http-proxy/package.json

Dependency Hierarchy:

• react-scripts-3.4.1.tgz (Root Library)
  • webpack-dev-server-3.10.3.tgz
    • http-proxy-middleware-0.19.1.tgz
      • ❌ http-proxy-1.18.0.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

Versions of http-proxy prior to 1.18.1 are vulnerable to Denial of Service. An HTTP request with a long body triggers an ERR_HTTP_HEADERS_SENT unhandled exception that crashes the proxy server. This is only possible when the proxy server sets headers in the proxy request using the proxyReq.setHeader function.

Publish Date: 2020-05-14

URL: WS-2020-0091

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.npmjs.com/advisories/1486

Release Date: 2020-05-26

Fix Resolution: http-proxy - 1.18.1

Vulnerable Library - lodash-4.17.15.tgz

Lodash modular utilities.

Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/lodash/package.json

Dependency Hierarchy:

• react-bootstrap-1.0.0.tgz (Root Library)
  • hooks-0.3.22.tgz
    • ❌ lodash-4.17.15.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

All versions of lodash are vulnerable to Prototype Pollution. The function zipObjectDeep allows a malicious user to modify the prototype of Object if the property identifiers are user-supplied. Being affected by this issue requires zipping objects based on user-provided property arrays. This vulnerability may lead to Denial of Service or Code Execution.

Publish Date: 2020-04-28

URL: WS-2020-0070

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: lodash/lodash@7816228

Release Date: 2020-04-28

Fix Resolution: lodash - 4.17.16

Vulnerable Library - jquery-1.7.1.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.7.1/jquery.min.js

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html

Path to vulnerable library: /GarageShelves/react_shelves/node_modules/sockjs/examples/hapi/html/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/multiplex/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/express-3.x/index.html,/GarageShelves/react_shelves/node_modules/sockjs/examples/echo/index.html

Dependency Hierarchy:

• ❌ jquery-1.7.1.min.js (Vulnerable Library)

Found in HEAD commit: 28aadcd182265edd5a301a44b505ecdafd9402f7

Vulnerability Details

JQuery, before 2.2.0, is vulnerable to Cross-site Scripting (XSS) attacks via text/javascript response with arbitrary code execution.

Publish Date: 2016-11-27

URL: WS-2016-0090

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: jquery/jquery@b078a62

Release Date: 2019-04-08

Fix Resolution: 2.2.0

Vulnerable Library - elliptic-6.5.2.tgz

EC cryptography

Library home page: https://registry.npmjs.org/elliptic/-/elliptic-6.5.2.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/elliptic/package.json

Dependency Hierarchy:

• react-scripts-3.4.1.tgz (Root Library)
  • webpack-4.42.0.tgz
    • node-libs-browser-2.2.1.tgz
      • crypto-browserify-3.12.0.tgz
        • browserify-sign-4.0.4.tgz
          • ❌ elliptic-6.5.2.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

all versions of elliptic are vulnerable to Timing Attack through side-channels.

Publish Date: 2019-11-13

URL: WS-2019-0424

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Adjacent
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: High
  • Availability Impact: None

Vulnerable Libraries - kind-of-3.2.2.tgz, kind-of-4.0.0.tgz, kind-of-6.0.2.tgz, kind-of-2.0.1.tgz, kind-of-5.1.0.tgz

Found in HEAD commit: f59f6e497a1fbfcea9b489b066ff0e273545fd30

Vulnerability Details

ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.

Publish Date: 2019-12-30

URL: CVE-2019-20149

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.

Publish Date: 2020-06-25

URL: CVE-2020-10994

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: python-pillow/Pillow@41b554b

Release Date: 2020-06-25

Fix Resolution: 7.1.0

Vulnerable Library - lodash-4.17.15.tgz

Lodash modular utilities.

Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/lodash/package.json

Dependency Hierarchy:

• react-bootstrap-1.0.0.tgz (Root Library)
  • hooks-0.3.22.tgz
    • ❌ lodash-4.17.15.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

Prototype pollution attack when using _.zipObjectDeep in lodash <= 4.17.15.

Publish Date: 2020-07-15

URL: CVE-2020-8203

CVSS 3 Score Details (7.4)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.npmjs.com/advisories/1523

Release Date: 2020-07-23

Fix Resolution: lodash - 4.17.19

Vulnerable Library - sockjs-0.3.19.tgz

SockJS-node is a server counterpart of SockJS-client a JavaScript library that provides a WebSocket-like object in the browser. SockJS gives you a coherent, cross-browser, Javascript API which creates a low latency, full duplex, cross-domain communication

Library home page: https://registry.npmjs.org/sockjs/-/sockjs-0.3.19.tgz

Path to dependency file: /tmp/ws-scm/GarageShelves/react_shelves/package.json

Path to vulnerable library: /tmp/ws-scm/GarageShelves/react_shelves/node_modules/sockjs/package.json

Dependency Hierarchy:

• react-scripts-3.4.1.tgz (Root Library)
  • webpack-dev-server-3.10.3.tgz
    • ❌ sockjs-0.3.19.tgz (Vulnerable Library)

Found in HEAD commit: 65cd42540f3a1ba96df8c8c88b7e23dce36c7357

Vulnerability Details

Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20.

Publish Date: 2020-07-09

URL: CVE-2020-7693

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Origin: sockjs/sockjs-node#265

Release Date: 2020-07-09

Fix Resolution: sockjs - 0.3.20

Vulnerable Library - Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Python Imaging Library (Fork)

Library home page: https://files.pythonhosted.org/packages/12/ad/61f8dfba88c4e56196bf6d056cdbba64dc9c5dfdfbc97d02e6472feed913/Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: /tmp/ws-scm/GarageShelves/shelves/requirements.txt

Path to vulnerable library: /GarageShelves/shelves/requirements.txt

Dependency Hierarchy:

• ❌ Pillow-6.2.2-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

Found in HEAD commit: f59f6e497a1fbfcea9b489b066ff0e273545fd30

Vulnerability Details

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.

Publish Date: 2020-01-03

URL: CVE-2020-5310

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5310

Release Date: 2020-01-03

Fix Resolution: 7.0.0