CVE-2023-50710

Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources. TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter. Version 3.11.7 includes the change to fix this issue. As a workaround, avoid using TrieRouter directly.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8	Patch
https://github.com/honojs/hono/releases/tag/v3.11.7	Release Notes
https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hono:hono:*:*:*:*:*:node.js:*:*

History

19 Dec 2023, 19:44

Type	Values Removed	Values Added
References	~~() https://github.com/honojs/hono/releases/tag/v3.11.7 -~~	() https://github.com/honojs/hono/releases/tag/v3.11.7 - Release Notes
References	~~() https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq -~~	() https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq - Exploit, Vendor Advisory
References	~~() https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8 -~~	() https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.3
CPE		cpe:2.3:a:hono:hono::::::node.js::*

14 Dec 2023, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-12-14 18:15

Updated : 2024-02-05 00:22

NVD link : CVE-2023-50710

Mitre link : CVE-2023-50710

CVE.ORG link : CVE-2023-50710

JSON object : View

Products Affected

hono

hono

CWE

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2023-50710", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 2.5, "exploitabilityScore": 1.6}]}, "published": "2023-12-14T18:15:45.270", "references": [{"url": "https://github.com/honojs/hono/commit/8e2b6b08518998783f66d31db4f21b1b1eecc4c8", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/honojs/hono/releases/tag/v3.11.7", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/honojs/hono/security/advisories/GHSA-f6gv-hh8j-q8vq", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Hono is a web framework written in TypeScript. Prior to version 3.11.7, clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources. TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter. Version 3.11.7 includes the change to fix this issue. As a workaround, avoid using TrieRouter directly."}, {"lang": "es", "value": "Hono es un framework web escrito en TypeScript. Antes de la versi\u00f3n 3.11.7, los clientes pueden anular los valores de los par\u00e1metros de ruta con nombre de solicitudes anteriores si la aplicaci\u00f3n utiliza TrieRouter. Por lo tanto, existe el riesgo de que un usuario privilegiado utilice par\u00e1metros no deseados al eliminar recursos de la API REST. TrieRouter se usa expl\u00edcitamente o cuando la aplicaci\u00f3n coincide con un patr\u00f3n que no es compatible con el RegExpRouter predeterminado. La versi\u00f3n 3.11.7 incluye el cambio para solucionar este problema. Como workaround, evite utilizar TrieRouter directamente."}], "lastModified": "2023-12-19T19:44:37.647", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hono:hono:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "74A7A157-DE4D-4445-9670-2EBF795FAB11", "versionEndExcluding": "3.11.7"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}