In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given their path, without restrictions on the requester's origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-0816 In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given their path, without restrictions on the requester's origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit.
Github GHSA Github GHSA GHSA-f7vx-j8mp-3h2x Insufficient Verification of Data Authenticity in Eclipse Theia
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: eclipse

Published:

Updated: 2024-08-05T01:47:13.536Z

Reserved: 2019-10-16T00:00:00

Link: CVE-2019-17636

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-03-10T15:15:16.073

Modified: 2024-11-21T04:32:40.590

Link: CVE-2019-17636

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.