CVE-2022-22984

{"id": "CVE-2022-22984", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 1.6}]}, "published": "2022-11-30T13:15:10.517", "references": [{"url": "https://github.com/snyk/cli/commit/80d97a93326406e09776156daf72e3caa03ae25a", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/snyk/snyk-cocoapods-plugin/commit/c73e049c5200772babde61c40aab57296bf91381", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/snyk/snyk-docker-plugin/commit/d730d7630691a61587b120bb11daaaf4b58a8357", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/snyk/snyk-gradle-plugin/commit/bb1c1c72a75e97723a76b14d2d73f70744ed5009", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/snyk/snyk-hex-plugin/commit/e8dd2a330b40d7fc0ab47e34413e80a0146d7ac3", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/snyk/snyk-mvn-plugin/commit/02cda9ba1ea36b00ead3f6ec2de0f97397ebec50", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/snyk/snyk-python-plugin/commit/8591abdd9236108ac3e30c70c09238d6bb6aabf4", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://github.com/snyk/snyk-sbt-plugin/commit/99c09eb12c9f8f2b237aea9627aab1ae3cab6437", "tags": ["Patch", "Third Party Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYK-3038622", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYKDOCKERPLUGIN-3039679", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYKGRADLEPLUGIN-3038624", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYKMVNPLUGIN-3038623", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYKPYTHONPLUGIN-3039677", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYKSBTPLUGIN-3038626", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-JS-SNYKSNYKHEXPLUGIN-3039680", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "report@snyk.io"}, {"url": "https://www.imperva.com/blog/how-scanning-your-projects-for-security-issues-can-lead-to-remote-code-execution/", "tags": ["Exploit", "Third Party Advisory"], "source": "report@snyk.io"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2.31.3; the package snyk-gradle-plugin before 3.24.5; the package @snyk/snyk-cocoapods-plugin before 2.5.3; the package snyk-sbt-plugin before 2.16.2; the package snyk-python-plugin before 1.24.2; the package snyk-docker-plugin before 5.6.5; the package @snyk/snyk-hex-plugin before 1.1.6 are vulnerable to Command Injection due to an incomplete fix for [CVE-2022-40764](https://security.snyk.io/vuln/SNYK-JS-SNYK-3037342). A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to exploit this vulnerability, a user would have to execute the snyk test command on untrusted files. In most cases, an attacker positioned to control the command line arguments to the Snyk CLI would already be positioned to execute arbitrary commands. However, this could be abused in specific scenarios, such as continuous integration pipelines, where developers can control the arguments passed to the Snyk CLI to leverage this component as part of a wider attack against an integration/build pipeline. This issue has been addressed in the latest Snyk Docker images available at https://hub.docker.com/r/snyk/snyk as of 2022-11-29. Images downloaded and built prior to that date should be updated. The issue has also been addressed in the Snyk TeamCity CI/CD plugin as of version v20221130.093605."}, {"lang": "es", "value": "El paquete snyk antes de 1.1064.0; el paquete snyk-mvn-plugin anterior a 2.31.3; el paquete snyk-gradle-plugin anterior a 3.24.5; el paquete @snyk/snyk-cocoapods-plugin anterior a 2.5.3; el paquete snyk-sbt-plugin anterior a 2.16.2; el paquete snyk-python-plugin anterior a 1.24.2; el paquete snyk-docker-plugin anterior a 5.6.5; el paquete @snyk/snyk-hex-plugin anterior a 1.1.6 es vulnerable a la inyecci\u00f3n de comandos debido a una soluci\u00f3n incompleta para [CVE-2022-40764](https://security.snyk.io/vuln/SNYK-JS-SNYK -3037342). Un exploit exitoso permite a los atacantes ejecutar comandos arbitrarios en el sistema host donde est\u00e1 instalada la CLI de Snyk al pasar indicadores de l\u00ednea de comando manipulado. Para aprovechar esta vulnerabilidad, un usuario tendr\u00eda que ejecutar el comando snyk test en archivos que no sean de confianza. En la mayor\u00eda de los casos, un atacante posicionado para controlar los argumentos de la l\u00ednea de comandos de la CLI de Snyk ya estar\u00eda posicionado para ejecutar comandos arbitrarios. Sin embargo, se podr\u00eda abusar de esto en escenarios espec\u00edficos, como canales de integraci\u00f3n continua, donde los desarrolladores pueden controlar los argumentos pasados ??a la CLI de Snyk para aprovechar este componente como parte de un ataque m\u00e1s amplio contra un canal de integraci\u00f3n/compilaci\u00f3n. Este problema se solucion\u00f3 en las \u00faltimas im\u00e1genes de Snyk Docker disponibles en https://hub.docker.com/r/snyk/snyk a partir del 29 de noviembre de 2022. Las im\u00e1genes descargadas y creadas antes de esa fecha deben actualizarse. El problema tambi\u00e9n se solucion\u00f3 en el complemento Snyk TeamCity CI/CD a partir de la versi\u00f3n v20221130.093605."}], "lastModified": "2023-08-08T14:22:24.967", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:snyk:snyk_cli:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD69CF9C-0537-454E-B35D-51B58C154555", "versionEndExcluding": "1.1064.0"}, {"criteria": "cpe:2.3:a:snyk:snyk_cocoapods_cli:*:*:*:*:*:snyk:*:*", "vulnerable": true, "matchCriteriaId": "7EC9CA0A-A963-45D1-86E6-9A24A9FF86B5", "versionEndExcluding": "2.5.3"}, {"criteria": "cpe:2.3:a:snyk:snyk_docker_cli:*:*:*:*:*:snyk:*:*", "vulnerable": true, "matchCriteriaId": "CA928136-DD61-4BA2-A171-CF6893EC4BA3", "versionEndExcluding": "5.6.5"}, {"criteria": "cpe:2.3:a:snyk:snyk_gradle_cli:*:*:*:*:*:snyk:*:*", "vulnerable": true, "matchCriteriaId": "41D80E25-1B78-49F5-8210-0B81C61C4B36", "versionEndExcluding": "3.24.5"}, {"criteria": "cpe:2.3:a:snyk:snyk_hex_cli:*:*:*:*:*:snyk:*:*", "vulnerable": true, "matchCriteriaId": "1A4DC78C-CAE6-463F-9315-92984BB9C0B2", "versionEndExcluding": "1.1.6"}, {"criteria": "cpe:2.3:a:snyk:snyk_maven_cli:*:*:*:*:*:snyk:*:*", "vulnerable": true, "matchCriteriaId": "D298D7E5-0E40-4729-A9A6-471ABDFD6692", "versionEndExcluding": "2.31.3"}, {"criteria": "cpe:2.3:a:snyk:snyk_python_cli:*:*:*:*:*:snyk:*:*", "vulnerable": true, "matchCriteriaId": "F341718C-7869-4959-ABBE-4D7036F3D9C9", "versionEndExcluding": "1.24.2"}, {"criteria": "cpe:2.3:a:snyk:snyk_sbt_cli:*:*:*:*:*:snyk:*:*", "vulnerable": true, "matchCriteriaId": "C5425F5D-615B-4925-AB25-02B68E2C97FE", "versionEndExcluding": "2.16.2"}], "operator": "OR"}]}], "sourceIdentifier": "report@snyk.io"}