
    2 vulnerabilities by laf

    CVE-2023-50253 (GCVE-0-2023-50253)

    Vulnerability from cvelistv5 – Published: 2024-01-03 16:45 – Updated: 2025-06-09 18:48
    VLAI
    Title
    laf logs leak
    Summary
    Laf is a cloud development platform. By design, Laf's log feature communicates with Kubernetes (k8s) directly to retrieve logs from the container quickly, without the need for additional storage. However, in version 1.0.0-beta.13 and prior, this interface does not verify permissions for the requested pod, which allows authenticated users to obtain the logs of any pod in the same namespace, and thereby any sensitive information printed in those logs. As of time of publication, no known patched versions exist. (Note: the CVSS vector in the record below lists PR:N with HIGH integrity and availability impact, whereas this description requires an authenticated user and describes only log disclosure under CWE-200; read the score with that in mind.)
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    References
    Impacted products
    Vendor Product Version
    labring laf Affected: <= 1.0.0-beta.13

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T22:16:46.099Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/labring/laf/security/advisories/GHSA-g9c8-wh35-g75f",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/labring/laf/security/advisories/GHSA-g9c8-wh35-g75f"
              },
              {
                "name": "https://github.com/labring/laf/pull/1468",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/labring/laf/pull/1468"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-50253",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-09T18:47:07.940532Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-09T18:48:18.796Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "laf",
              "vendor": "labring",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c= 1.0.0-beta.13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Laf is a cloud development platform. In the Laf version design, the log uses communication with k8s to quickly retrieve logs from the container without the need for additional storage. However, in version 1.0.0-beta.13 and prior, this interface does not verify the permissions of the pod, which allows authenticated users to obtain any pod logs under the same namespace through this method, thereby obtaining sensitive information printed in the logs. As of time of publication, no known patched versions exist."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.7,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-03T16:45:11.778Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/labring/laf/security/advisories/GHSA-g9c8-wh35-g75f",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/labring/laf/security/advisories/GHSA-g9c8-wh35-g75f"
            },
            {
              "name": "https://github.com/labring/laf/pull/1468",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/labring/laf/pull/1468"
            }
          ],
          "source": {
            "advisory": "GHSA-g9c8-wh35-g75f",
            "discovery": "UNKNOWN"
          },
          "title": "laf logs leak"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-50253",
        "datePublished": "2024-01-03T16:45:11.778Z",
        "dateReserved": "2023-12-05T20:42:59.378Z",
        "dateUpdated": "2025-06-09T18:48:18.796Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-48225 (GCVE-0-2023-48225)

    Vulnerability from cvelistv5 – Published: 2023-12-12 20:33 – Updated: 2024-08-02 21:23
    VLAI
    Title
    Laf env causes sensitive information disclosure
    Summary
    Laf is a cloud development platform. Prior to version 1.0.0-beta.13, the Laf app env is not validated strictly enough, and in certain scenarios in a private-deployment environment this may lead to leakage of sensitive information held in Secrets and ConfigMaps. In ES6 syntax, if an object directly references another object, the name of the referenced object is used as the key and its entire structure is included intact. When the deployment instance of the app is constructed, env is read from the database and inserted directly into the template, so the inserted content is controllable. Sensitive information in the Secret and ConfigMap can then be read through the k8s envFrom field. In a private-deployment environment, when `namespaceConf.fixed` is set, this may lead to leakage of sensitive information in the system. As of time of publication, it is unclear whether any patches or workarounds exist.
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    labring laf Affected: < 1.0.0-beta13

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:23:39.023Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp"
              },
              {
                "name": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50"
              },
              {
                "name": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "laf",
              "vendor": "labring",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 1.0.0-beta13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Laf is a cloud development platform. Prior to version 1.0.0-beta.13, the control of LAF app enV is not strict enough, and in certain scenarios of privatization environment, it may lead to sensitive information leakage in secret and configmap. In ES6 syntax, if an obj directly references another obj, the name of the obj itself will be used as the key, and the entire object structure will be integrated intact. When constructing the deployment instance of the app, env was found from the database and directly inserted into the template, resulting in controllability here. Sensitive information in the secret and configmap can be read through the k8s envFrom field. In a privatization environment, when `namespaceConf. fixed` is marked, it may lead to the leakage of sensitive information in the system. As of time of publication, it is unclear whether any patches or workarounds exist."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 8.9,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-12T20:33:40.959Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/labring/laf/security/advisories/GHSA-hv2g-gxx4-fwxp"
            },
            {
              "name": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/labring/laf/blob/main/server/src/application/environment.controller.ts#L50"
            },
            {
              "name": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/labring/laf/blob/main/server/src/instance/instance.service.ts#L306"
            }
          ],
          "source": {
            "advisory": "GHSA-hv2g-gxx4-fwxp",
            "discovery": "UNKNOWN"
          },
          "title": "Laf env causes sensitive information disclosure"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2023-48225",
        "datePublished": "2023-12-12T20:33:40.959Z",
        "dateReserved": "2023-11-13T13:25:18.480Z",
        "dateUpdated": "2024-08-02T21:23:39.023Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }