CVSS: 8.6EPSS: 91%CPEs: 1EXPL: 2CVE-2021-32820 – File disclosure in Express Handlebars
https://notcve.org/view.php?id=CVE-2021-32820
14 May 2021 — Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extentions (i.e. file.extension) can be included, files that lack an extension will have .handlebars appended to them. For complete details refer... • https://github.com/express-handlebars/express-handlebars/blob/78c47a235c4ad7bc2674bddd8ec2721567ed8c72/README.md#danger- • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32817 – File disclosure in express-hbs
https://notcve.org/view.php?id=CVE-2021-32817
14 May 2021 — express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extentions (i.e. file.extension) can be included, files that lack an extension will have .hbs appended to them. For complete details refer to the referenced G... • https://github.com/TryGhost/express-hbs#%EF%B8%8F-this-creates-a-potential-security-vulnerability • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32573
https://notcve.org/view.php?id=CVE-2021-32573
11 May 2021 — The express-cart package through 1.1.10 for Node.js allows Reflected XSS (for an admin) via a user input field for product options. NOTE: the vendor states that this "would rely on an admin hacking his/her own website. ** EN DISPUTA ** El paquete express-cart versiones hasta 1.1.10 para Node.js permite un ataque de tipo XSS Reflejado (para un administrador) por medio de un campo de entrada de usuario para las opciones del producto. NOTA: el proveedor afirma que esto "dependería de que un hacking admini... • https://hackerone.com/reports/395944 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23372 – Denial of Service (DoS)
https://notcve.org/view.php?id=CVE-2021-23372
13 Apr 2021 — All versions of package mongo-express are vulnerable to Denial of Service (DoS) when exporting an empty collection as CSV, due to an unhandled exception, leading to a crash. Todas las versiones del paquete mongo-express son vulnerables a una Denegación de Servicio (DoS) al exportar una colección vacía como CSV, debido a una excepción no controlada, conllevando a un bloqueo • https://snyk.io/vuln/SNYK-JS-MONGOEXPRESS-1085403 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.8EPSS: 90%CPEs: 1EXPL: 0CVE-2020-24391
https://notcve.org/view.php?id=CVE-2020-24391
30 Mar 2021 — mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769. mongo-express en versiones anteriores a la 1.0.0 ofrece soporte para cierta sintaxis avanzada pero lo implementa de una manera insegura. NOTA: esto puede superponerse a CVE-2019-10769. • https://github.com/mongo-express/mongo-express/commit/3a26b079e7821e0e209c3ee0cc2ae15ad467b91a •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2020-29579
https://notcve.org/view.php?id=CVE-2020-29579
08 Dec 2020 — The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access. Las imágenes oficiales de Docker Express Gateway versiones anteriores a 1.14.0, contienen una contraseña en blanco para un usuario root. Los sistemas que utilizan el contenedor Docker Express Gateway implementado por las versiones afectadas de la imagen ... • https://github.com/koharin/koharin2/blob/main/CVE-2020-29579 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2020-7767 – Regular Expression Denial of Service (ReDoS)
https://notcve.org/view.php?id=CVE-2020-7767
11 Nov 2020 — All versions of package express-validators are vulnerable to Regular Expression Denial of Service (ReDoS) when validating specifically-crafted invalid urls. Todas las versiones de los validadores rápidos de paquetes son vulnerables a la Denegación de servicio de expresiones regulares (ReDoS) al validar URL no válidas específicamente diseñadas • https://snyk.io/vuln/SNYK-JS-EXPRESSVALIDATORS-1017404 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 5CVE-2020-7699 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2020-7699
30 Jul 2020 — This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution. Esto afecta el paquete express-fileupload versiones anteriores a 1.1.8. Si la opción parseNested está habilitada, el envío de una petición HTTP corrupta puede conllevar a una denegación de servicio o una ejecución de código arbitraria • https://github.com/ossf-cve-benchmark/CVE-2020-7699 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2020-7616
https://notcve.org/view.php?id=CVE-2020-7616
07 Apr 2020 — express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the `Object.prototype`. Exploitation of this vulnerability requires creation of a new directory where an attack code can be placed which will then be exported by `express-mock-middleware`. As such, this is considered to be a low risk. express-mock-middleware versiones hasta 0.0.6, es vulnerable a una Contaminación de Prototipos. Las funciones exp... • https://github.com/LingyuCoder/express-mock-middleware/blob/master/lib/index.js#L39 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.9EPSS: 94%CPEs: 1EXPL: 4CVE-2019-10758 – MongoDB mongo-express Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-10758
24 Dec 2019 — mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. A misuse of the `vm` dependency to perform `exec` commands in a non-safe environment. mongo-express versiones anteriores a 0.54.0, es vulnerable a una ejecución de código remota por medio de endpoints que utilizan el método "toBSON". Un uso inapropiado de la dependencia "vm" para ejecutar comandos "exec" en un entorno no seguro. mongo-express before 0.54.0 is vulnerable to Remote Code Execution vi... • https://github.com/masahiro331/CVE-2019-10758 • CWE-94: Improper Control of Generation of Code ('Code Injection') •