CVE-2023-35167
low-risk
Published 2023-06-23
Remult is a CRUD framework for full-stack TypeScript. If you used the apiPrefilter option of the `@Entity` decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the `id` of an entity instance is not authorized to access, can gain read, update and delete access to it. The issue is fixed in version 0.20.6. As a workaround, set the `apiPrefilter` option to a filter object instead of a function.
Do I need to act?
-
0.07% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.0/10
Medium
NETWORK
/ HIGH complexity
Affected Products (1)
Remult
Affected Vendors
References (6)
Release Notes
https://github.com/remult/remult/releases/tag/v0.20.6
Third Party Advisory
https://github.com/remult/remult/security/advisories/GHSA-7hh3-3x64-v2g9
Release Notes
https://github.com/remult/remult/releases/tag/v0.20.6
Third Party Advisory
https://github.com/remult/remult/security/advisories/GHSA-7hh3-3x64-v2g9
21
/ 100
low-risk
Severity
16/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal