create-lti-launch-artillery@1.0.4 vulnerabilities | create-lti-launch-artillery 1.0.4

Vulnerabilities	2 via 10 paths
Dependencies	184
Source	npm

Find a vulnerability free version of create-lti-launch-artillery | View create-lti-launch-artillery package health on Snyk Advisor

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications

Severity

High
1
Medium
1
Low

Status

Open
2
Patched
0
Ignored
0

high severity

Insecure Randomness

Vulnerable module: crypto-js
Introduced through: oauth-signature@1.5.0 and caccl@1.1.38

Detailed paths

Introduced through: create-lti-launch-artillery@1.0.4 › oauth-signature@1.5.0 › crypto-js@3.1.9-1
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-lti@1.1.6 › oauth-signature@1.5.0 › crypto-js@3.1.9-1
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-grade-passback@1.1.3 › oauth-signature@1.5.0 › crypto-js@3.1.9-1
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-authorizer@1.1.24 › caccl-lti@1.1.6 › oauth-signature@1.5.0 › crypto-js@3.1.9-1
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-canvas-partial-simulator@1.0.43 › caccl@1.1.38 › caccl-lti@1.1.6 › oauth-signature@1.5.0 › crypto-js@3.1.9-1
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-canvas-partial-simulator@1.0.43 › caccl@1.1.38 › caccl-grade-passback@1.1.3 › oauth-signature@1.5.0 › crypto-js@3.1.9-1
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-canvas-partial-simulator@1.0.43 › caccl@1.1.38 › caccl-authorizer@1.1.24 › caccl-lti@1.1.6 › oauth-signature@1.5.0 › crypto-js@3.1.9-1

Overview

crypto-js is a library of crypto standards.

Affected versions of this package are vulnerable to Insecure Randomness. The secureRandom() method is supposed to return a cryptographically strong pseudo-random data string, but it is biased to certain digits. An attacker could be able to guess the created digits.

Remediation

Upgrade crypto-js to version 3.2.1 or higher.

References

Insecure Randomness vulnerability report

medium severity

Arbitrary Code Injection

Vulnerable module: ejs
Introduced through: caccl@1.1.38

Detailed paths

Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-authorizer@1.1.24 › ejs@2.7.4
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-canvas-partial-simulator@1.0.43 › ejs@2.7.4
Introduced through: create-lti-launch-artillery@1.0.4 › caccl@1.1.38 › caccl-canvas-partial-simulator@1.0.43 › caccl@1.1.38 › caccl-authorizer@1.1.24 › ejs@2.7.4

Overview

ejs is a popular JavaScript templating engine.

Affected versions of this package are vulnerable to Arbitrary Code Injection via the render and renderFile. If external input is flowing into the options parameter, an attacker is able run arbitrary code. This include the filename, compileDebug, and client option.

POC

let ejs = require('ejs')
ejs.render('./views/test.ejs',{
    filename:'/etc/passwd\nfinally { this.global.process.mainModule.require(\'child_process\').execSync(\'touch EJS_HACKED\') }',
    compileDebug: true,
    message: 'test',
    client: true
})

Remediation

Upgrade ejs to version 3.1.6 or higher.

References

Arbitrary Code Injection vulnerability report

create-lti-launch-artillery@1.0.4

Vulnerabilities

Dependencies

Source

Find, fix and prevent vulnerabilities in your code.

high severity

Insecure Randomness

Detailed paths

Overview

Remediation

References

medium severity

Arbitrary Code Injection

Detailed paths

Overview

POC

Remediation

References