hygen@4.0.4

Vulnerabilities

2 via 2 paths

Dependencies

62

Source

npm


critical severity

Arbitrary Code Execution

  • Vulnerable module: front-matter
  • Introduced through: front-matter@2.3.0

Detailed paths

  • Introduced through: hygen@4.0.4 front-matter@2.3.0
    Remediation: Upgrade to hygen@6.0.0.

Overview

front-matter is a package that extracts meta data (front-matter) from documents.

Affected versions of this package are vulnerable to Arbitrary Code Execution because they use the js-yaml function yaml.load() by default instead of its secure replacement, yaml.safeLoad().

Remediation

Upgrade front-matter to version 4.0.1 or higher.

medium severity

Arbitrary Code Injection

  • Vulnerable module: ejs
  • Introduced through: ejs@2.7.4

Detailed paths

  • Introduced through: hygen@4.0.4 ejs@2.7.4
    Remediation: Upgrade to hygen@6.0.0.

Overview

ejs is a popular JavaScript templating engine.

Affected versions of this package are vulnerable to Arbitrary Code Injection via the render and renderFile functions. If external input flows into the options parameter, an attacker is able to run arbitrary code. This includes the filename, compileDebug, and client options.

POC

let ejs = require('ejs')
ejs.render('./views/test.ejs',{
    filename:'/etc/passwd\nfinally { this.global.process.mainModule.require(\'child_process\').execSync(\'touch EJS_HACKED\') }',
    compileDebug: true,
    message: 'test',
    client: true
})

Remediation

Upgrade ejs to version 3.1.6 or higher.
