CVE-2023-38695

cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4	Patch
https://github.com/simonsmith/cypress-image-snapshot/issues/15	Exploit Issue Tracking Patch Third Party Advisory
https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2	Release Notes
https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g	Exploit Mitigation Vendor Advisory
https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4	Patch
https://github.com/simonsmith/cypress-image-snapshot/issues/15	Exploit Issue Tracking Patch Third Party Advisory
https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2	Release Notes
https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g	Exploit Mitigation Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:simonsmith:cypress_image_snapshot:*:*:*:*:*:node.js:*:*

History

No history.

Information

Published : 2023-08-04 18:15

Updated : 2024-11-21 08:14

NVD link : CVE-2023-38695

Mitre link : CVE-2023-38695

CVE.ORG link : CVE-2023-38695

JSON object : View

Products Affected

simonsmith

cypress_image_snapshot

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2023-38695", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2023-08-04T18:15:14.667", "references": [{"url": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.\n\n\n"}, {"lang": "es", "value": "cypress-image-snapshot muestra regresiones visuales en Cypress con jest-image-snapshot. Antes de la versi\u00f3n 8.0.2, era posible que un usuario pasara una ruta de archivo relativa para el nombre de la instant\u00e1nea y llegara fuera del directorio del proyecto a la m\u00e1quina que ejecutaba la prueba. Este problema se ha corregido en la versi\u00f3n 8.0.2."}], "lastModified": "2024-11-21T08:14:04.383", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:simonsmith:cypress_image_snapshot:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "35914465-A5A0-48FC-B8B5-0AFFF23883AF", "versionEndExcluding": "8.0.2"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}