CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37904 – Denial of service from maliciously configured Git repository in Minder
https://notcve.org/view.php?id=CVE-2024-37904
Minder is an open source Software Supply Chain Security Platform. Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users repositories using the `github.com/go-git/go-git/v5` library on lines `L55-L89`. The Git provider does the following on the lines `L56-L62`. First, it sets the `CloneOptions`, specifying the url, the depth etc. • https://github.com/stacklok/minder/blob/85985445c8ac3e51f03372e99c7b2f08a6d274aa/internal/providers/git/git.go#L55-L89 https://github.com/stacklok/minder/blob/85985445c8ac3e51f03372e99c7b2f08a6d274aa/internal/providers/git/git.go#L56-L62 https://github.com/stacklok/minder/commit/7979b43 https://github.com/stacklok/minder/security/advisories/GHSA-hpcg-xjq5-g666 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35238 – Denial of service of Minder Server from maliciously crafted GitHub attestations
https://notcve.org/view.php?id=CVE-2024-35238
Minder by Stacklok is an open source software supply chain security platform. Minder prior to version 0.0.51 is vulnerable to a denial-of-service (DoS) attack which could allow an attacker to crash the Minder server and deny other users access to it. The root cause of the vulnerability is that Minders sigstore verifier reads an untrusted response entirely into memory without enforcing a limit on the response body. An attacker can exploit this by making Minder make a request to an attacker-controlled endpoint which returns a response with a large body which will crash the Minder server. Specifically, the point of failure is where Minder parses the response from the GitHub attestations endpoint in `getAttestationReply`. • https://github.com/stacklok/minder/blob/daccbc12e364e2d407d56b87a13f7bb24cbdb074/internal/verifier/sigstore/container/container.go#L271-L300 https://github.com/stacklok/minder/commit/fe321d345b4f738de6a06b13207addc72b59f892 https://github.com/stacklok/minder/security/advisories/GHSA-8fmj-33gw-g7pw • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35194 – Stacklok Minder vulnerable to denial of service from maliciously crafted templates
https://notcve.org/view.php?id=CVE-2024-35194
Minder is a software supply chain security platform. Prior to version 0.0.50, Minder engine is susceptible to a denial of service from memory exhaustion that can be triggered from maliciously created templates. Minder engine uses templating to generate strings for various use cases such as URLs, messages for pull requests, descriptions for advisories. In some cases can the user control both the template and the params for it, and in a subset of these cases, Minder reads the generated template entirely into memory. When Minders templating meets both of these conditions, an attacker is able to generate large enough templates that Minder will exhaust memory and crash. • https://github.com/stacklok/minder/commit/fe321d345b4f738de6a06b13207addc72b59f892 https://github.com/stacklok/minder/security/advisories/GHSA-crgc-2583-rw27 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35185 – Denial of service of Minder Server with attacker-controlled REST endpoint
https://notcve.org/view.php?id=CVE-2024-35185
Minder is a software supply chain security platform. Prior to version 0.0.49, the Minder REST ingester is vulnerable to a denial of service attack via an attacker-controlled REST endpoint that can crash the Minder server. The REST ingester allows users to interact with REST endpoints to fetch data for rule evaluation. When fetching data with the REST ingester, Minder sends a request to an endpoint and will use the data from the body of the response as the data to evaluate against a certain rule. If the response is sufficiently large, it can drain memory on the machine and crash the Minder server. • https://github.com/stacklok/minder/commit/065049336aac0621ee00a0bb2211f8051d47c14b https://github.com/stacklok/minder/security/advisories/GHSA-fjw8-3gp8-4cvx • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34084 – Minder's Github Webhook Handler vulnerable to denial of service from un-validated requests
https://notcve.org/view.php?id=CVE-2024-34084
Minder's `HandleGithubWebhook` is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests to `HandleGithubWebhook` to crash the Minder controlplane and deny other users from using it. This vulnerability is fixed in 0.0.48. El `HandleGithubWebhook` de Minder es susceptible a un ataque de denegación de servicio procedente de una solicitud HTTP que no es de confianza. • https://github.com/stacklok/minder/commit/3e5a527d2f1b535159206161d1d519602c75bd0d https://github.com/stacklok/minder/security/advisories/GHSA-9c5w-9q3f-3hv7 • CWE-400: Uncontrolled Resource Consumption •