{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-22020", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "state": "PUBLISHED", "assignerShortName": "hackerone", "dateReserved": "2024-01-04T01:04:06.574Z", "datePublished": "2024-07-09T01:07:28.098Z", "dateUpdated": "2024-10-25T17:48:27.567Z"}, "containers": {"cna": {"descriptions": [{"lang": "en", "value": "A security flaw in Node.js allows a bypass of network import restrictions.\nBy embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security.\nVerified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports.\nExploiting this flaw can violate network import security, posing a risk to developers and servers."}], "affected": [{"defaultStatus": "unaffected", "vendor": "Node.js", "product": "Node.js", "versions": [{"version": "21.6.1", "status": "affected", "lessThanOrEqual": "21.6.1", "versionType": "semver"}, {"version": "20.11.0", "status": "affected", "lessThanOrEqual": "20.11.0", "versionType": "semver"}, {"version": "18.19.0", "status": "affected", "lessThanOrEqual": "18.19.0", "versionType": "semver"}]}], "references": [{"url": "https://hackerone.com/reports/2092749"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/6"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/19/3"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2024-07-09T01:07:28.098Z"}}, "adp": [{"affected": [{"vendor": "nodejs", "product": "nodejs", "cpes": ["cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "21.6.1", "status": "affected"}, {"version": "20.11.0", "status": "affected"}, {"version": "18.19.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-13T03:55:30.015268Z", "id": "CVE-2024-22020", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-25T17:48:27.567Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:35:34.646Z"}, "title": "CVE Program Container", "references": [{"url": "https://hackerone.com/reports/2092749", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/6", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/19/3", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://hackerone.com/reports/2092749", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/6", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/19/3", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:35:34.646Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-22020", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-13T03:55:30.015268Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:nodejs:nodejs:*:*:*:*:*:*:*:*"], "vendor": "nodejs", "product": "nodejs", "versions": [{"status": "affected", "version": "21.6.1"}, {"status": "affected", "version": "20.11.0"}, {"status": "affected", "version": "18.19.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-09T14:15:40.771Z"}}], "cna": {"metrics": [{"cvssV3_0": {"version": "3.0", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H"}}], "affected": [{"vendor": "Node.js", "product": "Node.js", "versions": [{"status": "affected", "version": "21.6.1", "versionType": "semver", "lessThanOrEqual": "21.6.1"}, {"status": "affected", "version": "20.11.0", "versionType": "semver", "lessThanOrEqual": "20.11.0"}, {"status": "affected", "version": "18.19.0", "versionType": "semver", "lessThanOrEqual": "18.19.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://hackerone.com/reports/2092749"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/11/6"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/19/3"}], "descriptions": [{"lang": "en", "value": "A security flaw in Node.js allows a bypass of network import restrictions.\nBy embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security.\nVerified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports.\nExploiting this flaw can violate network import security, posing a risk to developers and servers."}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2024-07-09T01:07:28.098Z"}}}, "cveMetadata": {"cveId": "CVE-2024-22020", "state": "PUBLISHED", "dateUpdated": "2024-10-25T17:48:27.567Z", "dateReserved": "2024-01-04T01:04:06.574Z", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "datePublished": "2024-07-09T01:07:28.098Z", "assignerShortName": "hackerone"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw in Node.js allows a bypass of network import restrictions.\nBy embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security.\nVerified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports.\nExploiting this flaw can violate network import security, posing a risk to developers and servers."}, {"lang": "es", "value": "Un fallo de seguridad en Node.js permite eludir las restricciones de importaci\u00f3n de la red. Al incorporar importaciones fuera de la red en las URL de datos, un atacante puede ejecutar c\u00f3digo arbitrario, comprometiendo la seguridad del sistema. Verificada en varias plataformas, la vulnerabilidad se mitiga al prohibir las URL de datos en las importaciones de red. La explotaci\u00f3n de este fallo puede violar la seguridad de importaci\u00f3n de la red, lo que representa un riesgo para los desarrolladores y servidores."}], "id": "CVE-2024-22020", "lastModified": "2024-10-25T18:35:03.697", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 5.5, "source": "support@hackerone.com", "type": "Secondary"}]}, "published": "2024-07-09T02:15:09.973", "references": [{"source": "support@hackerone.com", "url": "http://www.openwall.com/lists/oss-security/2024/07/11/6"}, {"source": "support@hackerone.com", "url": "http://www.openwall.com/lists/oss-security/2024/07/19/3"}, {"source": "support@hackerone.com", "url": "https://hackerone.com/reports/2092749"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:5814", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:20-8100020240808073736.489197e6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-26T00:00:00Z"}, {"advisory": "RHSA-2024:6148", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:18-8100020240807161023.489197e6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:5815", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "nodejs:20-9040020240807145403.rhel9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-08-26T00:00:00Z"}, {"advisory": "RHSA-2024:6147", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "nodejs:18-9040020240807131341.rhel9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-03T00:00:00Z"}], "bugzilla": {"description": "nodejs: Bypass network import restriction via data URL", "id": "2296417", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296417"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H", "status": "verified"}, "details": ["A security flaw in Node.js allows a bypass of network import restrictions.\nBy embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security.\nVerified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports.\nExploiting this flaw can violate network import security, posing a risk to developers and servers.", "A flaw was found in the Node.js package. By embedding non-network imports in data URLs, this flaw allows an attacker to execute arbitrary code, compromising system security."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-22020", "public_date": "2024-07-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-22020\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-22020\nhttps://hackerone.com/reports/2092749"], "statement": "This vulnerability is categorized as moderate severity rather than high due to its specific conditions for exploitation and impact scope. While the flaw permits bypassing network import restrictions via data URLs to execute arbitrary code, its exploitation is contingent on the attacker\u2019s ability to inject and execute code within a controlled environment. The impact is constrained to scenarios where the vulnerable application processes data URLs and lacks robust validation mechanisms. Additionally, this issue requires the attacker to exploit specific code paths and permissions, which limits its widespread applicability.", "threat_severity": "Moderate"}