CVE-2024-37169

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-37169
@jmondi/url-to-png is a self-hosted URL to PNG utility. Versions prior to 2.0.3 are vulnerable to arbitrary file read if a threat actor uses the Playright's screenshot feature to exploit the file wrapper. Version 2.0.3 mitigates this issue by requiring input URLs to be of protocol `http` or `https`. No known workarounds are available aside from upgrading.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/jasonraimondi/url-to-png/commit/9336020c5e603323f5cf4a2ac3bb9a7735cf61f7
https://github.com/jasonraimondi/url-to-png/issues/47
https://github.com/jasonraimondi/url-to-png/releases/tag/v2.0.3
https://github.com/jasonraimondi/url-to-png/security/advisories/GHSA-665w-mwrr-77q3
https://github.com/user-attachments/files/15536336/Arbitrary.File.Read.via.Playwright.s.Screenshot.Feature.Exploiting.File.Wrapper.pdf
https://github.com/jasonraimondi/url-to-png/commit/9336020c5e603323f5cf4a2ac3bb9a7735cf61f7
https://github.com/jasonraimondi/url-to-png/issues/47
https://github.com/jasonraimondi/url-to-png/releases/tag/v2.0.3
https://github.com/jasonraimondi/url-to-png/security/advisories/GHSA-665w-mwrr-77q3
https://github.com/user-attachments/files/15536336/Arbitrary.File.Read.via.Playwright.s.Screenshot.Feature.Exploiting.File.Wrapper.pdf
Configurations

No configuration.

History

21 Nov 2024, 09:23

Type Values Removed Values Added
References () https://github.com/jasonraimondi/url-to-png/commit/9336020c5e603323f5cf4a2ac3bb9a7735cf61f7 - () https://github.com/jasonraimondi/url-to-png/commit/9336020c5e603323f5cf4a2ac3bb9a7735cf61f7 -
References () https://github.com/jasonraimondi/url-to-png/issues/47 - () https://github.com/jasonraimondi/url-to-png/issues/47 -
References () https://github.com/jasonraimondi/url-to-png/releases/tag/v2.0.3 - () https://github.com/jasonraimondi/url-to-png/releases/tag/v2.0.3 -
References () https://github.com/jasonraimondi/url-to-png/security/advisories/GHSA-665w-mwrr-77q3 - () https://github.com/jasonraimondi/url-to-png/security/advisories/GHSA-665w-mwrr-77q3 -
References () https://github.com/user-attachments/files/15536336/Arbitrary.File.Read.via.Playwright.s.Screenshot.Feature.Exploiting.File.Wrapper.pdf - () https://github.com/user-attachments/files/15536336/Arbitrary.File.Read.via.Playwright.s.Screenshot.Feature.Exploiting.File.Wrapper.pdf -

11 Jun 2024, 13:54

Type Values Removed Values Added
Summary
  • (es) @jmondi/url-to-png es una utilidad de URL a PNG autohospedada. Las versiones anteriores a la 2.0.3 son vulnerables a la lectura arbitraria de archivos si un actor de amenazas utiliza la función de captura de pantalla de Playright para explotar el contenedor del archivo. La versión 2.0.3 mitiga este problema al requerir que las URL de entrada sean del protocolo "http" o "https". No hay workarounds disponibles aparte de la actualización.

10 Jun 2024, 22:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-10 22:15

Updated : 2024-11-21 09:23

NVD link : CVE-2024-37169

Mitre link : CVE-2024-37169

CVE.ORG link : CVE-2024-37169

JSON object : View

Products Affected

No product.

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024