CVE-2020-26237

{"id": "CVE-2020-26237", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.8, "exploitabilityScore": 2.3}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 1.3}]}, "published": "2020-11-24T23:15:11.223", "references": [{"url": "https://github.com/highlightjs/highlight.js/commit/7241013ae011a585983e176ddc0489a7a52f6bb0", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/highlightjs/highlight.js/pull/2636", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/highlightjs/highlight.js/security/advisories/GHSA-vfrc-7r7c-w9mx", "tags": ["Mitigation", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00041.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://www.npmjs.com/package/highlight.js", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-471"}]}], "descriptions": [{"lang": "en", "value": "Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will result in prototype pollution of the base object's prototype during highlighting. If you allow users to insert custom HTML code blocks into your page/app via parsing Markdown code blocks (or similar) and do not filter the language names the user can provide you may be vulnerable. The pollution should just be harmless data but this can cause problems for applications not expecting these properties to exist and can result in strange behavior or application crashes, i.e. a potential DOS vector. If your website or application does not render user provided data it should be unaffected. Versions 9.18.2 and 10.1.2 and newer include fixes for this vulnerability. If you are using version 7 or 8 you are encouraged to upgrade to a newer release."}, {"lang": "es", "value": "Highlight.js es un resaltador de sintaxis escrito en JavaScript. Highlight.js versiones anteriores a 9.18.2 y 10.1.2 son vulnerables a una Contaminaci\u00f3n de Prototipo. Un bloque de c\u00f3digo HTML malicioso puede ser dise\u00f1ado lo que resultar\u00e1 en la contaminaci\u00f3n del prototipo del prototipo del objeto base durante el resaltado. Si permite a usuarios insertar bloques de c\u00f3digo HTML personalizados en su p\u00e1gina y aplicaci\u00f3n por medio del an\u00e1lisis de bloques de c\u00f3digo Markdown (o similar) y no filtrar los nombres del idioma que el usuario puede proporcionar, puede ser vulnerable. La contaminaci\u00f3n deber\u00eda ser solo datos inofensivos, pero esto puede causar problemas para las aplicaciones que no esperan que se presenten estas propiedades y puede resultar en un comportamiento extra\u00f1o o fallos de la aplicaci\u00f3n, es decir, un vector de DOS potencial. Si su sitio web o aplicaci\u00f3n no proporciona los datos proporcionados por el usuario, no deber\u00eda estar afectado. Versiones 9.18.2 y 10.1. 2 y m\u00e1s recientes incluyen correcciones para esta vulnerabilidad. Si est\u00e1 usando la versi\u00f3n 7 o 8, le recomendamos que actualice a una versi\u00f3n m\u00e1s reciente"}], "lastModified": "2022-10-19T13:49:21.293", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:highlightjs:highlight.js:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "AF6D839E-1AC7-4F59-B516-69D5F8487ED4", "versionEndExcluding": "9.18.2"}, {"criteria": "cpe:2.3:a:highlightjs:highlight.js:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "EE56A922-F91D-4AD1-8C07-56B25BD9E32D", "versionEndExcluding": "10.1.2", "versionStartIncluding": "10.1.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B4888C7-3A68-4AAE-A3ED-8DD4E358BCA4", "versionEndIncluding": "8.0.30"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}