CVE-2024-21541

All versions of the package dom-iterator are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://security.snyk.io/vuln/SNYK-JS-DOMITERATOR-6157199	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:matthewmueller:dom-iterator:*:*:*:*:*:node.js:*:*

History

19 Nov 2024, 16:20

Type	Values Removed	Values Added
CPE		cpe:2.3:a:matthewmueller:dom-iterator::::::node.js::*
CVSS	v2 : ~~unknown~~ v3 : ~~7.3~~	v2 : unknown v3 : 9.8
References	~~() https://security.snyk.io/vuln/SNYK-JS-DOMITERATOR-6157199 -~~	() https://security.snyk.io/vuln/SNYK-JS-DOMITERATOR-6157199 - Exploit, Third Party Advisory
First Time		Matthewmueller Matthewmueller dom-iterator

13 Nov 2024, 17:01

Type	Values Removed	Values Added
Summary		(es) Todas las versiones del paquete dom-iterator son vulnerables a la ejecución de código arbitrario debido al uso del constructor Function sin una desinfección completa de la entrada. Function genera un nuevo cuerpo de función y, por lo tanto, se debe tener cuidado para garantizar que las entradas a Function no estén controladas por un atacante. Los riesgos involucrados son similares a los de permitir que la entrada controlada por un atacante llegue a eval.

13 Nov 2024, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-13 05:15

Updated : 2024-11-19 16:20

NVD link : CVE-2024-21541

Mitre link : CVE-2024-21541

CVE.ORG link : CVE-2024-21541

JSON object : View

Products Affected

matthewmueller

dom-iterator

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2024-21541", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}]}, "published": "2024-11-13T05:15:14.680", "references": [{"url": "https://security.snyk.io/vuln/SNYK-JS-DOMITERATOR-6157199", "tags": ["Exploit", "Third Party Advisory"], "source": "report@snyk.io"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}, {"type": "Secondary", "source": "report@snyk.io", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "All versions of the package dom-iterator are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval."}, {"lang": "es", "value": "Todas las versiones del paquete dom-iterator son vulnerables a la ejecuci\u00f3n de c\u00f3digo arbitrario debido al uso del constructor Function sin una desinfecci\u00f3n completa de la entrada. Function genera un nuevo cuerpo de funci\u00f3n y, por lo tanto, se debe tener cuidado para garantizar que las entradas a Function no est\u00e9n controladas por un atacante. Los riesgos involucrados son similares a los de permitir que la entrada controlada por un atacante llegue a eval."}], "lastModified": "2024-11-19T16:20:37.887", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:matthewmueller:dom-iterator:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "23F03C7B-1A8B-4FB7-9A5D-FE3C08D3ED56", "versionEndIncluding": "1.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "report@snyk.io"}