Vulnerability Details : CVE-2022-25863
The package gatsby-plugin-mdx before 2.14.1, from 3.0.0 and before 3.15.2 are vulnerable to Deserialization of Untrusted Data when passing input through to the gray-matter package, due to its default configurations that are missing input sanitization. Exploiting this vulnerability is possible when passing input in both webpack (MDX files in src/pages or MDX file imported as a component in frontend / React code) and data mode (querying MDX nodes via GraphQL). Workaround: If an older version of gatsby-plugin-mdx must be used, input passed into the plugin should be sanitized ahead of processing.
Products affected by CVE-2022-25863
- cpe:2.3:a:gatsbyjs:gatsby:*:*:*:*:*:node.js:*:*
- cpe:2.3:a:gatsbyjs:gatsby:*:*:*:*:*:node.js:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-25863
0.79%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-25863
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST | |
8.1
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
2.8
|
5.2
|
Snyk |
CWE ids for CVE-2022-25863
-
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-25863
-
https://github.com/gatsbyjs/gatsby/pull/35830
fix(gatsby-plugin-mdx): don't allow JS frontmatter by default by pieh · Pull Request #35830 · gatsbyjs/gatsby · GitHubExploit;Patch;Third Party Advisory
-
https://github.com/gatsbyjs/gatsby/pull/35830/commits/f214eb0694c61e348b2751cecd1aace2046bc46e
fix(gatsby-plugin-mdx): don't allow JS frontmatter by default by pieh · Pull Request #35830 · gatsbyjs/gatsby · GitHubPatch;Third Party Advisory
-
https://snyk.io/vuln/SNYK-JS-GATSBYPLUGINMDX-2405699
Deserialization of Untrusted Data in gatsby-plugin-mdx | CVE-2022-25863 | SnykExploit;Third Party Advisory
-
https://drive.google.com/file/d/1EoCzbwTWOM8-fjvwMbH3bqcZ2iKksxTW/view?usp=sharing
https://drive.google.com/file/d/1EoCzbwTWOM8-fjvwMbH3bqcZ2iKksxTW/view?usp=sharingExploit;Third Party Advisory
Jump to