Vulnerabilities: 2 via 2 paths

Dependencies: 53

Source: npm


high severity (new)

Information Exposure

  • Vulnerable module: simple-get
  • Introduced through: web3-utils@1.2.1

Detailed paths

  • Introduced through: @truffle/codec@0.3.5 > web3-utils@1.2.1 > eth-lib@0.2.7 > xhr-request-promise@0.1.3 > xhr-request@1.1.0 > simple-get@2.8.1

Overview

Affected versions of this package are vulnerable to Information Exposure. When a request sent with a Cookie header receives a redirect (Location response header), simple-get follows the redirect and sends the same cookie to the new URL, so the cookie is leaked to whoever controls the redirect target.

Remediation

Upgrade simple-get to version 4.0.1 or higher.


medium severity

Arbitrary Code Injection

  • Vulnerable module: underscore
  • Introduced through: web3-utils@1.2.1

Detailed paths

  • Introduced through: @truffle/codec@0.3.5 > web3-utils@1.2.1 > underscore@1.9.1
    Remediation: Upgrade to @truffle/codec@0.10.7.

Overview

underscore is a functional programming helper library for JavaScript.

Affected versions of this package are vulnerable to Arbitrary Code Injection via the template function, particularly when the variable option is taken from _.templateSettings, because that value is not sanitized before being compiled into the template's generated code.

PoC

const _ = require('underscore');
_.templateSettings.variable = "a = this.process.mainModule.require('child_process').execSync('touch HELLO')";
const t = _.template("")();

Remediation

Upgrade underscore to version 1.13.0-2, 1.12.1 or higher.
