Vulnerabilities

 3 via 3 paths

Dependencies

 62

Source

 GitHub

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 1
  • 1
  • 1
Status
  • 3
  • 0
  • 0

critical severity

Predictable Value Range from Previous Values

  • Vulnerable module: form-data
  • Introduced through: form-data@3.0.0

Detailed paths

  • Introduced through: @bifravst/firmware-ci@bifravst/firmware-ci form-data@3.0.0
    Remediation: Upgrade to form-data@3.0.4.

Overview

Affected versions of this package are vulnerable to Predictable Value Range from Previous Values via the boundary value, which uses Math.random(). An attacker can manipulate HTTP request boundaries by exploiting predictable values, potentially leading to HTTP parameter pollution.

Remediation

Upgrade form-data to version 2.5.4, 3.0.4, 4.0.4 or higher.

References

Predictable Value Range from Previous Values vulnerability report

high severity
new

Improper Validation of Specified Index, Position, or Offset in Input

  • Vulnerable module: uuid
  • Introduced through: uuid@8.3.2

Detailed paths

  • Introduced through: @bifravst/firmware-ci@bifravst/firmware-ci uuid@8.3.2
    Remediation: Upgrade to uuid@11.1.1.

Overview

uuid is a RFC4122 (v1, v4, and v5) compliant UUID library.

Affected versions of this package are vulnerable to Improper Validation of Specified Index, Position, or Offset in Input due to accepting external output buffers but not rejecting out-of-range writes (small buf or large offset). This inconsistency allows silent partial writes into caller-provided buffers.

PoC

cd /home/StrawHat/uuid
npm ci
npm run build

node --input-type=module -e "
import {v4,v5,v6} from './dist-node/index.js';
const ns='6ba7b810-9dad-11d1-80b4-00c04fd430c8';
for (const [name,fn] of [
  ['v4',()=>v4({},new Uint8Array(8),4)],
  ['v5',()=>v5('x',ns,new Uint8Array(8),4)],
  ['v6',()=>v6({},new Uint8Array(8),4)],
]) {
  try { fn(); console.log(name,'NO_THROW'); }
  catch(e){ console.log(name,'THREW',e.name); }
}"

Remediation

Upgrade uuid to version 11.1.1, 14.0.0 or higher.

References

Improper Validation of Specified Index, Position, or Offset in Input vulnerability report

medium severity

Information Exposure

  • Vulnerable module: node-fetch
  • Introduced through: node-fetch@2.6.1

Detailed paths

  • Introduced through: @bifravst/firmware-ci@bifravst/firmware-ci node-fetch@2.6.1
    Remediation: Upgrade to node-fetch@2.6.7.

Overview

node-fetch is a light-weight module that brings window.fetch to node.js

Affected versions of this package are vulnerable to Information Exposure when fetching a remote url with Cookie, if it get a Location response header, it will follow that url and try to fetch that url with provided cookie. This can lead to forwarding secure headers to 3th party.

Remediation

Upgrade node-fetch to version 2.6.7, 3.1.1 or higher.

References

Information Exposure vulnerability report