CVE-2024-52011

描述

### Summary Due to the insufficient sanitization of the `file` argument in the `launchEditor`, an attacker can execute arbitrary commands on Windows by supplying a filename that contains special characters. ### Impact If the following conditions are met, an attacker can execute arbitrary commands on the computer that is using the `launch-editor`: - An attacker can place a file with the malicious filename - An attacker can call the `launchEditor` method with the `file` argument controlled - The `launch-editor` package is running on Windows For example, some development server using this package satisfy these conditions, as a malicious website might be able to force the downloading of a file and the path of that file is predictable. ### Patch This issue has been fixed in the `launch-editor` version 2.9.0 ([commit](https://github.com/vitejs/launch-editor/commit/971291e8a6a91226e1616c5c0ec85423d2d50a5e)).

受影響套件(2)

• npm/launch-editorfrom 0, < 2.9.0
• npm/vitefrom 0, < 5.4.9

CVSS 分數

參考連結(5)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-52011
• PATCHhttps://github.com/vitejs/launch-editor
• WEBhttps://github.com/vitejs/launch-editor/commit/971291e8a6a91226e1616c5c0ec85423d2d50a5e
• WEBhttps://github.com/vitejs/launch-editor/security/advisories/GHSA-c27g-q93r-2cwf
• WEBhttps://github.com/yyx990803/launch-editor/security/advisories/GHSA-c27g-q93r-2cwf