CVE-2023-38695 - OpenCVE

cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Simonsmith	Cypress Image Snapshot

Configuration 1 [-]

cpe:2.3:a:simonsmith:cypress_image_snapshot:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4
https://github.com/simonsmith/cypress-image-snapshot/issues/15
https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2
https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g

History

Mon, 07 Oct 2024 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-08-04T17:25:18.810Z

Updated: 2024-10-04T19:39:48.430Z

Reserved: 2023-07-24T16:19:28.364Z

Link: CVE-2023-38695

Vulnrichment

Updated: 2024-08-02T17:46:56.567Z

NVD

Status : Analyzed

Published: 2023-08-04T18:15:14.667

Modified: 2023-08-09T13:18:50.527

Link: CVE-2023-38695

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-38695", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-07-24T16:19:28.364Z", "datePublished": "2023-08-04T17:25:18.810Z", "dateUpdated": "2024-10-04T19:39:48.430Z"}, "containers": {"cna": {"title": "cypress-image-snapshot vulnerable to insecure snapshot file names", "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "lang": "en", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g"}, {"name": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "tags": ["x_refsource_MISC"], "url": "https://github.com/simonsmith/cypress-image-snapshot/issues/15"}, {"name": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "tags": ["x_refsource_MISC"], "url": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4"}, {"name": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2"}], "affected": [{"vendor": "simonsmith", "product": "cypress-image-snapshot", "versions": [{"version": "<= 8.0.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-08-04T17:25:18.810Z"}, "descriptions": [{"lang": "en", "value": "cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.\n\n\n"}], "source": {"advisory": "GHSA-vxjg-hchx-cc4g", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:46:56.567Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g"}, {"name": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/simonsmith/cypress-image-snapshot/issues/15"}, {"name": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4"}, {"name": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-04T19:39:39.519261Z", "id": "CVE-2023-38695", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-04T19:39:48.430Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "name": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "name": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "name": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "name": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:46:56.567Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38695", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-04T19:39:39.519261Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-04T19:39:44.109Z"}}], "cna": {"title": "cypress-image-snapshot vulnerable to insecure snapshot file names", "source": {"advisory": "GHSA-vxjg-hchx-cc4g", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "simonsmith", "product": "cypress-image-snapshot", "versions": [{"status": "affected", "version": "<= 8.0.1"}]}], "references": [{"url": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "name": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "name": "https://github.com/simonsmith/cypress-image-snapshot/issues/15", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "name": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "name": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.\n\n\n"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-08-04T17:25:18.810Z"}}}, "cveMetadata": {"cveId": "CVE-2023-38695", "state": "PUBLISHED", "dateUpdated": "2024-10-04T19:39:48.430Z", "dateReserved": "2023-07-24T16:19:28.364Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-08-04T17:25:18.810Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:simonsmith:cypress_image_snapshot:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "35914465-A5A0-48FC-B8B5-0AFFF23883AF", "versionEndExcluding": "8.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "cypress-image-snapshot shows visual regressions in Cypress with jest-image-snapshot. Prior to version 8.0.2, it's possible for a user to pass a relative file path for the snapshot name and reach outside of the project directory into the machine running the test. This issue has been patched in version 8.0.2.\n\n\n"}, {"lang": "es", "value": "cypress-image-snapshot muestra regresiones visuales en Cypress con jest-image-snapshot. Antes de la versi\u00f3n 8.0.2, era posible que un usuario pasara una ruta de archivo relativa para el nombre de la instant\u00e1nea y llegara fuera del directorio del proyecto a la m\u00e1quina que ejecutaba la prueba. Este problema se ha corregido en la versi\u00f3n 8.0.2."}], "id": "CVE-2023-38695", "lastModified": "2023-08-09T13:18:50.527", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-08-04T18:15:14.667", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/simonsmith/cypress-image-snapshot/commit/ef49519795daf5183f4fac6f3136e194f20f39f4"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/simonsmith/cypress-image-snapshot/issues/15"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/simonsmith/cypress-image-snapshot/releases/tag/8.0.2"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://github.com/simonsmith/cypress-image-snapshot/security/advisories/GHSA-vxjg-hchx-cc4g"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}