Markdownify version 1.4.1 allows an external attacker to remotely obtain arbitrary local files on any client that attempts to view a malicious markdown file through Markdownify. This is possible because the application does not have a CSP policy (or at least not strict enough) and/or does not properly validate the contents of markdown files before rendering them.
References
Link | Resource |
---|---|
https://fluidattacks.com/advisories/noisestorm/ | Exploit Third Party Advisory |
https://github.com/amitmerchant1990/electron-markdownify | Product Third Party Advisory |
Configurations
History
04 Nov 2022, 14:57
Type | Values Removed | Values Added |
---|---|---|
First Time |
Markdownify Project
Markdownify Project markdownify |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-552 | |
CPE | cpe:2.3:a:markdownify_project:markdownify:1.4.1:*:*:*:*:*:*:* | |
References | (MISC) https://fluidattacks.com/advisories/noisestorm/ - Exploit, Third Party Advisory | |
References | (MISC) https://github.com/amitmerchant1990/electron-markdownify - Product, Third Party Advisory |
03 Nov 2022, 20:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-03 20:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-41710
Mitre link : CVE-2022-41710
CVE.ORG link : CVE-2022-41710
JSON object : View
Products Affected
markdownify_project
- markdownify
CWE
CWE-552
Files or Directories Accessible to External Parties