Vulnerabilities

2 via 2 paths

Dependencies

20

Source

GitHub

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
  • 1
Status
  • 2
  • 0
  • 0

high severity

Uncontrolled Recursion

  • Vulnerable module: underscore
  • Introduced through: react-bootstrap-table-next@3.3.5

Detailed paths

  • Introduced through: groundskeeper@newrelic/nr1-groundskeeper react-bootstrap-table-next@3.3.5 underscore@1.9.1

Overview

underscore is a JavaScript's functional programming helper library.

Affected versions of this package are vulnerable to Uncontrolled Recursion through the _.flatten() or _.isEqual() functions that are used without a depth limit. An attacker can cause the application to crash or become unresponsive by supplying deeply nested data structures as input, leading to stack exhaustion.

Workaround

This vulnerability can be mitigated by enforcing a depth limit on data structures created from untrusted input (e.g., limiting nesting to 1000 levels or fewer), or by passing a finite depth limit as the second argument to the _.flatten() function.

Remediation

Upgrade underscore to version 1.13.8 or higher.

References

medium severity

Arbitrary Code Injection

  • Vulnerable module: underscore
  • Introduced through: react-bootstrap-table-next@3.3.5

Detailed paths

  • Introduced through: groundskeeper@newrelic/nr1-groundskeeper react-bootstrap-table-next@3.3.5 underscore@1.9.1

Overview

underscore is a JavaScript's functional programming helper library.

Affected versions of this package are vulnerable to Arbitrary Code Injection via the template function, particularly when the variable option is taken from _.templateSettings as it is not sanitized.

PoC

const _ = require('underscore');
_.templateSettings.variable = "a = this.process.mainModule.require('child_process').execSync('touch HELLO')";
const t = _.template("")();

Remediation

Upgrade underscore to version 1.13.0-2, 1.12.1 or higher.

References