CVE-2023-50710 - OpenCVE

Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources. TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter. Version 3.11.7 includes the change to fix this issue. As a workaround, avoid using TrieRouter directly.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hono	Hono

Configuration 1 [-]

cpe:2.3:a:hono:hono:*:*:*:*:*:node.js:*:*

No data.

References

Link	Providers
https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8
https://github.com/honojs/hono/releases/tag/v3.11.7
https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-12-14T17:22:26.836Z

Updated: 2024-08-02T22:16:47.211Z

Reserved: 2023-12-11T17:53:36.028Z

Link: CVE-2023-50710

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-12-14T18:15:45.270

Modified: 2023-12-19T19:44:37.647

Link: CVE-2023-50710

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-50710", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-12-11T17:53:36.028Z", "datePublished": "2023-12-14T17:22:26.836Z", "dateUpdated": "2024-08-02T22:16:47.211Z"}, "containers": {"cna": {"title": "Hono's named path parameters can be overridden in TrieRouter", "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "lang": "en", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq"}, {"name": "https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8", "tags": ["x_refsource_MISC"], "url": "https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8"}, {"name": "https://github.com/honojs/hono/releases/tag/v3.11.7", "tags": ["x_refsource_MISC"], "url": "https://github.com/honojs/hono/releases/tag/v3.11.7"}], "affected": [{"vendor": "honojs", "product": "hono", "versions": [{"version": "< 3.11.7", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-14T17:22:26.836Z"}, "descriptions": [{"lang": "en", "value": "Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources. TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter. Version 3.11.7 includes the change to fix this issue. As a workaround, avoid using TrieRouter directly."}], "source": {"advisory": "GHSA-f6gv-hh8j-q8vq", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:16:47.211Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq"}, {"name": "https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8"}, {"name": "https://github.com/honojs/hono/releases/tag/v3.11.7", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/honojs/hono/releases/tag/v3.11.7"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hono:hono:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "74A7A157-DE4D-4445-9670-2EBF795FAB11", "versionEndExcluding": "3.11.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources. TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter. Version 3.11.7 includes the change to fix this issue. As a workaround, avoid using TrieRouter directly."}, {"lang": "es", "value": "Hono es un framework web escrito en TypeScript. Antes de la versi\u00f3n 3.11.7, los clientes pueden anular los valores de los par\u00e1metros de ruta con nombre de solicitudes anteriores si la aplicaci\u00f3n utiliza TrieRouter. Por lo tanto, existe el riesgo de que un usuario privilegiado utilice par\u00e1metros no deseados al eliminar recursos de la API REST. TrieRouter se usa expl\u00edcitamente o cuando la aplicaci\u00f3n coincide con un patr\u00f3n que no es compatible con el RegExpRouter predeterminado. La versi\u00f3n 3.11.7 incluye el cambio para solucionar este problema. Como workaround, evite utilizar TrieRouter directamente."}], "id": "CVE-2023-50710", "lastModified": "2023-12-19T19:44:37.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-12-14T18:15:45.270", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/honojs/hono/releases/tag/v3.11.7"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security-advisories@github.com", "type": "Primary"}]}