GHSA-vm2p-f5j4-mj6g
Suggest an improvement- Source
- https://github.com/advisories/GHSA-vm2p-f5j4-mj6g
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-vm2p-f5j4-mj6g/GHSA-vm2p-f5j4-mj6g.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-vm2p-f5j4-mj6g
- Aliases
- Published
- 2022-05-14T03:05:44Z
- Modified
- 2023-11-01T04:48:48.478877Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- Auth0 angular-jwt misinterprets allowlist as regex
- Details
-
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the
jwtInterceptorProvider.whiteListedDomainssetting to bypass the domain allowlist filter via a crafted domain.For example, if the setting is initialized with:
jwtInterceptorProvider.whiteListedDomains = ['whitelisted.Example.com'];An attacker can set up a domain
whitelistedXexample.comthat will pass the allow list filter, as it considers the.separator to be a regex whildcard which matches any character. - Database specific
{ "github_reviewed_at": "2023-10-19T18:21:26Z", "severity": "MODERATE", "cwe_ids": [ "CWE-20" ], "github_reviewed": true, "nvd_published_at": "2018-06-19T19:29:00Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2018-11537
- https://github.com/auth0/angular-jwt/pull/174
- https://github.com/auth0/angular-jwt/commit/a4f03b49c3fb47cc6375c2a33b5ac11ca3c606f0
- https://github.com/auth0/angular-jwt/commit/e368cf124443507f1710f60ae855c4c54eebc6ea
- https://auth0.com/docs/security/bulletins/cve-2018-11537
- https://github.com/auth0/angular-jwt
Affected packages
npm / angular-jwt
Package
- Name
- angular-jwt
- View open source insights on deps.dev
- Purl
- pkg:npm/angular-jwt