Vulnerabilities

3 via 3 paths

Dependencies

180

Source

npm


critical severity

Command Injection

  • Vulnerable module: connection-tester
  • Introduced through: connection-tester@0.1.2

Detailed paths

  • Introduced through: logstash-relay@1.1.7 connection-tester@0.1.2
    Remediation: Upgrade to logstash-relay@1.2.4.

Overview

connection-tester is a module that checks whether a connection can be established to a given host and port (i.e. whether the host/port is reachable). It is useful for testing all the connections in your Node.js application at server startup.

Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 15 in index.js.

The following PoC demonstrates the vulnerability:

PoC

var a = require("connection-tester");
a.test("& touch 111","& touch 222",123)

Remediation

Upgrade connection-tester to version 0.2.1 or higher.

high severity

Denial of Service (DoS)

  • Vulnerable module: dicer
  • Introduced through: multer@1.4.4

Detailed paths

  • Introduced through: logstash-relay@1.1.7 multer@1.4.4 busboy@0.2.14 dicer@0.2.5

Overview

Affected versions of this package are vulnerable to Denial of Service (DoS). A malicious attacker can send a crafted multipart form to the server and crash the Node.js service. An attacker could send the payload repeatedly so that the service crashes continuously.

PoC:

    fetch('form-image', {
      method: 'POST',
      headers: {
        ['content-type']: 'multipart/form-data; boundary=----WebKitFormBoundaryoo6vortfDzBsDiro',
        ['content-length']: '145',
        host: '127.0.0.1:8000',
        connection: 'keep-alive',
      },
      body: '------WebKitFormBoundaryoo6vortfDzBsDiro\r\n Content-Disposition: form-data; name="bildbeschreibung"\r\n\r\n\r\n------WebKitFormBoundaryoo6vortfDzBsDiro--'
    });

Remediation

There is no fixed version for dicer.

high severity

Improper Privilege Management

  • Vulnerable module: shelljs
  • Introduced through: connection-tester@0.1.2

Detailed paths

  • Introduced through: logstash-relay@1.1.7 connection-tester@0.1.2 shelljs@0.7.8
    Remediation: Upgrade to logstash-relay@1.2.4.

Overview

shelljs is a wrapper for the Unix shell commands for Node.js.

Affected versions of this package are vulnerable to Improper Privilege Management. When ShellJS is used to create shell scripts which may be running as root, users with low-level privileges on the system can leak sensitive information such as passwords (depending on implementation) from the standard output of the privileged process OR shutdown privileged ShellJS processes via the exec function when triggering EACCESS errors.

Note: This only impacts the synchronous version of shell.exec().

Remediation

Upgrade shelljs to version 0.8.5 or higher.
