{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-21583", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "state": "PUBLISHED", "assignerShortName": "snyk", "dateReserved": "2023-12-22T12:33:20.132Z", "datePublished": "2024-07-19T05:00:01.569Z", "dateUpdated": "2024-10-31T13:52:00.420Z"}, "containers": {"cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N/E:P"}}], "credits": [{"value": "Elliot Ward (Snyk Security Research)", "lang": "en"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-15", "description": "Cookie Tossing", "lang": "en"}]}], "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2024-07-19T05:00:01.569Z"}, "descriptions": [{"value": "Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/auth before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/server before main-gha.27122; versions of the package @gitpod/gitpod-protocol before 0.1.5-main-gha.27122 are vulnerable to Cookie Tossing due to a missing __Host- prefix on the _gitpod_io_jwt2_ session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attacker\u2019s own JWT so that specific actions taken by the victim (such as connecting a new Github organization) are actioned by the attackers session.", "lang": "en"}], "references": [{"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079"}, {"url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c&tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"}, {"url": "https://github.com/gitpod-io/gitpod/pull/19973"}, {"url": "https://github.com/gitpod-io/gitpod/commit/da1053e1013f27a56e6d3533aa251dbd241d0155"}], "affected": [{"product": "github.com/gitpod-io/gitpod/components/server/go/pkg/lib", "versions": [{"version": "0", "lessThan": "main-gha.27122", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}, {"product": "github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy", "versions": [{"version": "0", "lessThan": "main-gha.27122", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}, {"product": "github.com/gitpod-io/gitpod/install/installer/pkg/components/auth", "versions": [{"version": "0", "lessThan": "main-gha.27122", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}, {"product": "github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server", "versions": [{"version": "0", "lessThan": "main-gha.27122", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}, {"product": "github.com/gitpod-io/gitpod/install/installer/pkg/components/server", "versions": [{"version": "0", "lessThan": "main-gha.27122", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}, {"product": "@gitpod/gitpod-protocol", "versions": [{"version": "0", "lessThan": "0.1.5-main-gha.27122", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-565", "lang": "en", "description": "CWE-565 Reliance on Cookies without Validation and Integrity Checking"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-19T12:27:45.663149Z", "id": "CVE-2024-21583", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-31T13:52:00.420Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:27:34.499Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079", "tags": ["x_transferred"]}, {"url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c&tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d", "tags": ["x_transferred"]}, {"url": "https://github.com/gitpod-io/gitpod/pull/19973", "tags": ["x_transferred"]}, {"url": "https://github.com/gitpod-io/gitpod/commit/da1053e1013f27a56e6d3533aa251dbd241d0155", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079", "tags": ["x_transferred"]}, {"url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c&tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d", "tags": ["x_transferred"]}, {"url": "https://github.com/gitpod-io/gitpod/pull/19973", "tags": ["x_transferred"]}, {"url": "https://github.com/gitpod-io/gitpod/commit/da1053e1013f27a56e6d3533aa251dbd241d0155", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:27:34.499Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-21583", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-19T12:27:45.663149Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-565", "description": "CWE-565 Reliance on Cookies without Validation and Integrity Checking"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-23T14:26:29.192Z"}}], "cna": {"credits": [{"lang": "en", "value": "Elliot Ward (Snyk Security Research)"}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N/E:P", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "n/a", "product": "github.com/gitpod-io/gitpod/components/server/go/pkg/lib", "versions": [{"status": "affected", "version": "0", "lessThan": "main-gha.27122", "versionType": "semver"}]}, {"vendor": "n/a", "product": "github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy", "versions": [{"status": "affected", "version": "0", "lessThan": "main-gha.27122", "versionType": "semver"}]}, {"vendor": "n/a", "product": "github.com/gitpod-io/gitpod/install/installer/pkg/components/auth", "versions": [{"status": "affected", "version": "0", "lessThan": "main-gha.27122", "versionType": "semver"}]}, {"vendor": "n/a", "product": "github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server", "versions": [{"status": "affected", "version": "0", "lessThan": "main-gha.27122", "versionType": "semver"}]}, {"vendor": "n/a", "product": "github.com/gitpod-io/gitpod/install/installer/pkg/components/server", "versions": [{"status": "affected", "version": "0", "lessThan": "main-gha.27122", "versionType": "semver"}]}, {"vendor": "n/a", "product": "@gitpod/gitpod-protocol", "versions": [{"status": "affected", "version": "0", "lessThan": "0.1.5-main-gha.27122", "versionType": "semver"}]}], "references": [{"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079"}, {"url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c&tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"}, {"url": "https://github.com/gitpod-io/gitpod/pull/19973"}, {"url": "https://github.com/gitpod-io/gitpod/commit/da1053e1013f27a56e6d3533aa251dbd241d0155"}], "descriptions": [{"lang": "en", "value": "Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/auth before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/server before main-gha.27122; versions of the package @gitpod/gitpod-protocol before 0.1.5-main-gha.27122 are vulnerable to Cookie Tossing due to a missing __Host- prefix on the _gitpod_io_jwt2_ session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attacker\u2019s own JWT so that specific actions taken by the victim (such as connecting a new Github organization) are actioned by the attackers session."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-15", "description": "Cookie Tossing"}]}], "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2024-07-19T05:00:01.569Z"}}}, "cveMetadata": {"cveId": "CVE-2024-21583", "state": "PUBLISHED", "dateUpdated": "2024-10-31T13:52:00.420Z", "dateReserved": "2023-12-22T12:33:20.132Z", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "datePublished": "2024-07-19T05:00:01.569Z", "assignerShortName": "snyk"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/auth before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/server before main-gha.27122; versions of the package @gitpod/gitpod-protocol before 0.1.5-main-gha.27122 are vulnerable to Cookie Tossing due to a missing __Host- prefix on the _gitpod_io_jwt2_ session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attacker\u2019s own JWT so that specific actions taken by the victim (such as connecting a new Github organization) are actioned by the attackers session."}, {"lang": "es", "value": "Versiones del paquete github.com/gitpod-io/gitpod/components/server/go/pkg/lib antes de main-gha.27122; versiones del paquete github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy antes de main-gha.27122; versiones del paquete github.com/gitpod-io/gitpod/install/installer/pkg/components/auth antes de main-gha.27122; versiones del paquete github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server antes de main-gha.27122; versiones del paquete github.com/gitpod-io/gitpod/install/installer/pkg/components/server antes de main-gha.27122; Las versiones del paquete @gitpod/gitpod-protocol anteriores a 0.1.5-main-gha.27122 son vulnerables al lanzamiento de cookies debido a que falta un prefijo __Host- en la cookie de sesi\u00f3n _gitpod_io_jwt2_. Esto permite a un adversario que controla un subdominio establecer el valor de la cookie en el plano de control de Gitpod, que puede asignarse al propio JWT de un atacante para que las acciones espec\u00edficas tomadas por la v\u00edctima (como conectar una nueva organizaci\u00f3n de Github) sean ejecutadas por La sesi\u00f3n de los atacantes."}], "id": "CVE-2024-21583", "lastModified": "2024-10-31T14:35:10.887", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 1.4, "source": "report@snyk.io", "type": "Secondary"}]}, "published": "2024-07-19T05:15:10.373", "references": [{"source": "report@snyk.io", "url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c&tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"}, {"source": "report@snyk.io", "url": "https://github.com/gitpod-io/gitpod/commit/da1053e1013f27a56e6d3533aa251dbd241d0155"}, {"source": "report@snyk.io", "url": "https://github.com/gitpod-io/gitpod/pull/19973"}, {"source": "report@snyk.io", "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074"}, {"source": "report@snyk.io", "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075"}, {"source": "report@snyk.io", "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076"}, {"source": "report@snyk.io", "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077"}, {"source": "report@snyk.io", "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078"}, {"source": "report@snyk.io", "url": "https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-15"}], "source": "report@snyk.io", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-565"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}