OpenCVE

Joplin is an open source, privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS. In affected versions attackers are able to abuse the fact that openExternal is used without any filtering of URI schemes to obtain remote code execution in Windows environments. This issue has been addressed in version 3.0.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Laurent 22	Joplin

No data.

No data.

References

Link	Providers
https://github.com/laurent22/joplin/security/advisories/GHSA-pc5v-xp44-5mgv

History

Mon, 25 Nov 2024 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Laurent 22 Laurent 22 joplin
CPEs		cpe:2.3:a:laurent_22:joplin::::::::
Vendors & Products		Laurent 22 Laurent 22 joplin
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 25 Nov 2024 19:30:00 +0000

Type	Values Removed	Values Added
Description		Joplin is an open source, privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS. In affected versions attackers are able to abuse the fact that openExternal is used without any filtering of URI schemes to obtain remote code execution in Windows environments. This issue has been addressed in version 3.0.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Title		Lack of validation on openExternal allows 1 click remote code execution in joplin
Weaknesses		CWE-94
References		https://github.com/laurent22/joplin/security/advisories/GHSA-pc5v-xp44-5mgv
Metrics		cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-11-25T19:22:17.131Z

Updated: 2024-11-25T19:38:18.292Z

Reserved: 2024-11-19T20:08:14.481Z

Link: CVE-2024-53268

Vulnrichment

Updated: 2024-11-25T19:36:53.503Z

NVD

Status : Received

Published: 2024-11-25T20:15:10.583

Modified: 2024-11-25T20:15:10.583

Link: CVE-2024-53268

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-53268", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-11-19T20:08:14.481Z", "datePublished": "2024-11-25T19:22:17.131Z", "dateUpdated": "2024-11-25T19:38:18.292Z"}, "containers": {"cna": {"title": "Lack of validation on openExternal allows 1 click remote code execution in joplin", "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "lang": "en", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/laurent22/joplin/security/advisories/GHSA-pc5v-xp44-5mgv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/laurent22/joplin/security/advisories/GHSA-pc5v-xp44-5mgv"}], "affected": [{"vendor": "laurent22", "product": "joplin", "versions": [{"version": "< 3.0.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-11-25T19:22:17.131Z"}, "descriptions": [{"lang": "en", "value": "Joplin is an open source, privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS. In affected versions attackers are able to abuse the fact that openExternal is used without any filtering of URI schemes to obtain remote code execution in Windows environments. This issue has been addressed in version 3.0.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability."}], "source": {"advisory": "GHSA-pc5v-xp44-5mgv", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "laurent_22", "product": "joplin", "cpes": ["cpe:2.3:a:laurent_22:joplin:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "3.0.3", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-25T19:35:21.372405Z", "id": "CVE-2024-53268", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-25T19:38:18.292Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-53268", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-25T19:35:21.372405Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:laurent_22:joplin:*:*:*:*:*:*:*:*"], "vendor": "laurent_22", "product": "joplin", "versions": [{"status": "affected", "version": "0", "lessThan": "3.0.3", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-25T19:36:53.503Z"}}], "cna": {"title": "Lack of validation on openExternal allows 1 click remote code execution in joplin", "source": {"advisory": "GHSA-pc5v-xp44-5mgv", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "laurent22", "product": "joplin", "versions": [{"status": "affected", "version": "< 3.0.3"}]}], "references": [{"url": "https://github.com/laurent22/joplin/security/advisories/GHSA-pc5v-xp44-5mgv", "name": "https://github.com/laurent22/joplin/security/advisories/GHSA-pc5v-xp44-5mgv", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Joplin is an open source, privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS. In affected versions attackers are able to abuse the fact that openExternal is used without any filtering of URI schemes to obtain remote code execution in Windows environments. This issue has been addressed in version 3.0.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-11-25T19:22:17.131Z"}}}, "cveMetadata": {"cveId": "CVE-2024-53268", "state": "PUBLISHED", "dateUpdated": "2024-11-25T19:38:18.292Z", "dateReserved": "2024-11-19T20:08:14.481Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-11-25T19:22:17.131Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}