CVE-2022-36036 - OpenCVE

mdx-mermaid provides plug and play access to Mermaid in MDX. There is a potential for an arbitrary javascript injection in versions less than 1.3.0 and 2.0.0-rc1. Modify any mermaid code blocks with arbitrary code and it will execute when the component is loaded by MDXjs. This vulnerability was patched in version(s) 1.3.0 and 2.0.0-rc2. There are currently no known workarounds.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mdx-mermaid Project	Mdx-mermaid

Configuration 1 [-]

OR	cpe:2.3:a:mdx-mermaid_project:mdx-mermaid::::::node.js::*
	cpe:2.3:a:mdx-mermaid_project:mdx-mermaid:2.0.0:rc1::::node.js::*

No data.

References

Link	Providers
https://github.com/sjwall/mdx-mermaid/commit/f2b99386660fd13316823529c3f1314ebbcdfd2a
https://github.com/sjwall/mdx-mermaid/security/advisories/GHSA-rvgm-35jw-q628

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-08-29T17:20:10

Updated: 2024-08-03T09:52:00.316Z

Reserved: 2022-07-15T00:00:00

Link: CVE-2022-36036

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-29T18:15:09.803

Modified: 2022-09-01T20:50:39.540

Link: CVE-2022-36036

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "mdx-mermaid", "vendor": "sjwall", "versions": [{"status": "affected", "version": "< 1.3.0"}, {"status": "affected", "version": "= 2.0.0-rc1"}]}], "descriptions": [{"lang": "en", "value": "mdx-mermaid provides plug and play access to Mermaid in MDX. There is a potential for an arbitrary javascript injection in versions less than 1.3.0 and 2.0.0-rc1. Modify any mermaid code blocks with arbitrary code and it will execute when the component is loaded by MDXjs. This vulnerability was patched in version(s) 1.3.0 and 2.0.0-rc2. There are currently no known workarounds."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-29T17:20:09", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/sjwall/mdx-mermaid/security/advisories/GHSA-rvgm-35jw-q628"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sjwall/mdx-mermaid/commit/f2b99386660fd13316823529c3f1314ebbcdfd2a"}], "source": {"advisory": "GHSA-rvgm-35jw-q628", "discovery": "UNKNOWN"}, "title": "Improper Control of Generation of Code ('Code Injection') in mdx-mermaid", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-36036", "STATE": "PUBLIC", "TITLE": "Improper Control of Generation of Code ('Code Injection') in mdx-mermaid"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "mdx-mermaid", "version": {"version_data": [{"version_value": "< 1.3.0"}, {"version_value": "= 2.0.0-rc1"}]}}]}, "vendor_name": "sjwall"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "mdx-mermaid provides plug and play access to Mermaid in MDX. There is a potential for an arbitrary javascript injection in versions less than 1.3.0 and 2.0.0-rc1. Modify any mermaid code blocks with arbitrary code and it will execute when the component is loaded by MDXjs. This vulnerability was patched in version(s) 1.3.0 and 2.0.0-rc2. There are currently no known workarounds."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/sjwall/mdx-mermaid/security/advisories/GHSA-rvgm-35jw-q628", "refsource": "CONFIRM", "url": "https://github.com/sjwall/mdx-mermaid/security/advisories/GHSA-rvgm-35jw-q628"}, {"name": "https://github.com/sjwall/mdx-mermaid/commit/f2b99386660fd13316823529c3f1314ebbcdfd2a", "refsource": "MISC", "url": "https://github.com/sjwall/mdx-mermaid/commit/f2b99386660fd13316823529c3f1314ebbcdfd2a"}]}, "source": {"advisory": "GHSA-rvgm-35jw-q628", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:52:00.316Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/sjwall/mdx-mermaid/security/advisories/GHSA-rvgm-35jw-q628"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/sjwall/mdx-mermaid/commit/f2b99386660fd13316823529c3f1314ebbcdfd2a"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-36036", "datePublished": "2022-08-29T17:20:10", "dateReserved": "2022-07-15T00:00:00", "dateUpdated": "2024-08-03T09:52:00.316Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mdx-mermaid_project:mdx-mermaid:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "EAACA527-0571-4D6F-B8A5-BB7894496B0B", "versionEndExcluding": "1.3.0", "versionStartIncluding": "0.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mdx-mermaid_project:mdx-mermaid:2.0.0:rc1:*:*:*:node.js:*:*", "matchCriteriaId": "1272C1E9-F4A5-4D37-B873-C38A103C93A7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "mdx-mermaid provides plug and play access to Mermaid in MDX. There is a potential for an arbitrary javascript injection in versions less than 1.3.0 and 2.0.0-rc1. Modify any mermaid code blocks with arbitrary code and it will execute when the component is loaded by MDXjs. This vulnerability was patched in version(s) 1.3.0 and 2.0.0-rc2. There are currently no known workarounds."}, {"lang": "es", "value": "mdx-mermaid proporciona acceso plug and play a Mermaid en MDX. Se presenta la posibilidad de una inyecci\u00f3n arbitraria de javascript en versiones inferiores a 1.3.0 y 2.0.0-rc1. Modificar cualquier bloque de c\u00f3digo de Mermaid con c\u00f3digo arbitrario y ser\u00e1 ejecutado cuando el componente sea cargado por MDXjs. Esta vulnerabilidad fue parcheada en versiones 1.3.0 y 2.0.0-rc2. Actualmente no se presentan mitigaciones conocidas"}], "id": "CVE-2022-36036", "lastModified": "2022-09-01T20:50:39.540", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.6, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-08-29T18:15:09.803", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/sjwall/mdx-mermaid/commit/f2b99386660fd13316823529c3f1314ebbcdfd2a"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/sjwall/mdx-mermaid/security/advisories/GHSA-rvgm-35jw-q628"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security-advisories@github.com", "type": "Primary"}]}