CVE-2024-53848

描述

### Impact The default cache strategy uses the basename of a remote schema as the name of the file in the cache, e.g. `https://example.org/schema.json` will be stored as `schema.json`. This naming allows for conflicts. If an attacker can get a user to run `check-jsonschema` against a malicious schema URL, e.g., `https://example.evil.org/schema.json`, they can insert their own schema into the cache and it will be picked up and used instead of the appropriate schema. Such a cache confusion attack could be used to allow data to pass validation which should have been rejected. ### Patches A patch is in progress but has not yet been released. ### Workarounds - Users can use `--no-cache` to disable caching. - Users can use `--cache-filename` to select filenames for use in the cache, or to ensure that other usages do not overwrite the cached schema. (Note: this flag is being deprecated as part of the remediation effort.) - Users can explicitly download the schema before use as a local file, as in `curl -LOs https://example.org/schema.json; check-jsonschema --schemafile ./schema.json`

如何修補 CVE-2024-53848

要修補 CVE-2024-53848,請將受影響套件升級到下列已修補版本。

—升級至 0.30.0 或更新版本

CVE-2024-53848 正在被利用嗎?

低 — EPSS 為 0.0%,目前沒有觀察到大規模利用活動。

受影響套件(1)

from 0, < 0.30.0

CVSS 分數

來源	版本	嚴重程度	向量

osv	CVSS 4.0	—	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
osv	CVSS 3.1	HIGH7.1	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

描述

如何修補 CVE-2024-53848

CVE-2024-53848 正在被利用嗎?

受影響套件(1)

CVSS 分數

參考連結(4)