admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-21583.md
0xMarcio 3428c6bdc6 Update CVE sources 2024-08-05 18:41
2024-08-05 18:41:32 +00:00

29 lines
2.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

### [CVE-2024-21583](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21583)
![](https://img.shields.io/static/v1?label=Product&message=%40gitpod%2Fgitpod-protocol&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=github.com%2Fgitpod-io%2Fgitpod%2Fcomponents%2Fserver%2Fgo%2Fpkg%2Flib&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=github.com%2Fgitpod-io%2Fgitpod%2Fcomponents%2Fws-proxy%2Fpkg%2Fproxy&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=github.com%2Fgitpod-io%2Fgitpod%2Finstall%2Finstaller%2Fpkg%2Fcomponents%2Fauth&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=github.com%2Fgitpod-io%2Fgitpod%2Finstall%2Finstaller%2Fpkg%2Fcomponents%2Fpublic-api-server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=github.com%2Fgitpod-io%2Fgitpod%2Finstall%2Finstaller%2Fpkg%2Fcomponents%2Fserver&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%200.1.5-main-gha.27122%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20main-gha.27122%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cookie%20Tossing&color=brighgreen)
### Description
Versions of the package github.com/gitpod-io/gitpod/components/server/go/pkg/lib before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/components/ws-proxy/pkg/proxy before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/auth before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/public-api-server before main-gha.27122; versions of the package github.com/gitpod-io/gitpod/install/installer/pkg/components/server before main-gha.27122; versions of the package @gitpod/gitpod-protocol before 0.1.5-main-gha.27122 are vulnerable to Cookie Tossing due to a missing __Host- prefix on the _gitpod_io_jwt2_ session cookie. This allows an adversary who controls a subdomain to set the value of the cookie on the Gitpod control plane, which can be assigned to an attackers own JWT so that specific actions taken by the victim (such as connecting a new Github organization) are actioned by the attackers session.
### POC
#### Reference
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077
- https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078
- https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079
#### Github
No PoCs found on GitHub currently.
Reference in New Issue View Git Blame Copy Permalink