CVE-2024-21534

All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. **Note:** There were several attempts to fix it in versions [10.0.0-10.1.0](https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226).

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0
https://github.com/JSONPath-Plus/JSONPath/issues/226
https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8185019
https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-7945884

Configurations

No configuration.

History

No history.

Information

Published : 2024-10-11 13:15

Updated : 2024-11-18 11:15

NVD link : CVE-2024-21534

Mitre link : CVE-2024-21534

CVE.ORG link : CVE-2024-21534

JSON object : View

Products Affected

No product.

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2024-21534", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-10-11T13:15:15.667", "references": [{"url": "https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0", "source": "report@snyk.io"}, {"url": "https://github.com/JSONPath-Plus/JSONPath/issues/226", "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8185019", "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-JSONPATHPLUS-7945884", "source": "report@snyk.io"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "report@snyk.io", "description": [{"lang": "en", "value": "CWE-94"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node.\r\r**Note:**\r\rThere were several attempts to fix it in versions [10.0.0-10.1.0](https://github.com/JSONPath-Plus/JSONPath/compare/v9.0.0...v10.1.0) but it could still be exploited using [different payloads](https://github.com/JSONPath-Plus/JSONPath/issues/226)."}, {"lang": "es", "value": "Las versiones del paquete jsonpath-plus anteriores a la 10.0.0 son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo (RCE) debido a una desinfecci\u00f3n de entrada incorrecta. Un atacante puede ejecutar c\u00f3digo arbitrario en el sistema aprovechando el uso inseguro predeterminado de vm en Node. **Nota:** El comportamiento inseguro sigue estando disponible despu\u00e9s de aplicar la correcci\u00f3n, pero no est\u00e1 activado de forma predeterminada."}], "lastModified": "2024-11-18T11:15:06.447", "sourceIdentifier": "report@snyk.io"}