Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities by mehah

    CVE-2024-21623 (GCVE-0-2024-21623)

    Vulnerability from nvd – Published: 2024-01-02 20:29 – Updated: 2024-11-14 19:11
    VLAI
    Title
    Arbitrary Expression Injection in github workflow leads to Command execution & leaking secrets
    Summary
    OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    mehah otclient Affected: < db560de0b56476c87a2f967466407939196dd254
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:27:35.824Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589"
              },
              {
                "name": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254"
              },
              {
                "name": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104"
              },
              {
                "name": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/"
              },
              {
                "name": "https://securitylab.github.com/research/github-actions-untrusted-input/",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://securitylab.github.com/research/github-actions-untrusted-input/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21623",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-16T16:45:09.041911Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-14T19:11:03.581Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "otclient",
              "vendor": "mehah",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c db560de0b56476c87a2f967466407939196dd254"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient \"`Analysis - SonarCloud`\" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-02T20:29:14.163Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589"
            },
            {
              "name": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254"
            },
            {
              "name": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104"
            },
            {
              "name": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/"
            },
            {
              "name": "https://securitylab.github.com/research/github-actions-untrusted-input/",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://securitylab.github.com/research/github-actions-untrusted-input/"
            }
          ],
          "source": {
            "advisory": "GHSA-q6gr-wc79-v589",
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary Expression Injection in github workflow leads to Command execution \u0026 leaking secrets"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-21623",
        "datePublished": "2024-01-02T20:29:14.163Z",
        "dateReserved": "2023-12-29T03:00:44.953Z",
        "dateUpdated": "2024-11-14T19:11:03.581Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-21623 (GCVE-0-2024-21623)

    Vulnerability from cvelistv5 – Published: 2024-01-02 20:29 – Updated: 2024-11-14 19:11
    VLAI
    Title
    Arbitrary Expression Injection in github workflow leads to Command execution & leaking secrets
    Summary
    OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient "`Analysis - SonarCloud`" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    mehah otclient Affected: < db560de0b56476c87a2f967466407939196dd254
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T22:27:35.824Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589",
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589"
              },
              {
                "name": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254"
              },
              {
                "name": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104"
              },
              {
                "name": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/"
              },
              {
                "name": "https://securitylab.github.com/research/github-actions-untrusted-input/",
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://securitylab.github.com/research/github-actions-untrusted-input/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-21623",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-16T16:45:09.041911Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-14T19:11:03.581Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "otclient",
              "vendor": "mehah",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c db560de0b56476c87a2f967466407939196dd254"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OTCLient is an alternative tibia client for otserv. Prior to commit db560de0b56476c87a2f967466407939196dd254, the /mehah/otclient \"`Analysis - SonarCloud`\" workflow is vulnerable to an expression injection in Actions, allowing an attacker to run commands remotely on the runner, leak secrets, and alter the repository using this workflow. Commit db560de0b56476c87a2f967466407939196dd254 contains a fix for this issue."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-02T20:29:14.163Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/mehah/otclient/security/advisories/GHSA-q6gr-wc79-v589"
            },
            {
              "name": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/mehah/otclient/commit/db560de0b56476c87a2f967466407939196dd254"
            },
            {
              "name": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/mehah/otclient/blob/72744edc3b9913b920e0fd12e929604f682fda75/.github/workflows/analysis-sonarcloud.yml#L91-L104"
            },
            {
              "name": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://securitylab.github.com/research/github-actions-preventing-pwn-requests/"
            },
            {
              "name": "https://securitylab.github.com/research/github-actions-untrusted-input/",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://securitylab.github.com/research/github-actions-untrusted-input/"
            }
          ],
          "source": {
            "advisory": "GHSA-q6gr-wc79-v589",
            "discovery": "UNKNOWN"
          },
          "title": "Arbitrary Expression Injection in github workflow leads to Command execution \u0026 leaking secrets"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2024-21623",
        "datePublished": "2024-01-02T20:29:14.163Z",
        "dateReserved": "2023-12-29T03:00:44.953Z",
        "dateUpdated": "2024-11-14T19:11:03.581Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }