CVE-2024-10491
published 2024-10-29CVE-2024-10491: A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data…
PriorityP431medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
EPSS
0.43%
34.4th percentile
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used.
The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources.
This vulnerability is especially relevant for dynamic parameters.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | node-express | < node-express 4.1.1~dfsg-1 (bookworm) | node-express 4.1.1~dfsg-1 (bookworm) |
| express | express | >= 0 < 4.0.0-rc1 | 4.0.0-rc1 |
| express | express | 3.0.0-alpha1 – 3.21.2 | — |
| openjsf | express | >= 3.0.0 < 3.21.5 | 3.21.5 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
osv5.3MEDIUM
vendor_debian4.0MEDIUM
vendor_redhat4.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Express ressource injection
osv·2024-10-29
CVE-2024-10491 [MEDIUM] Express ressource injection
Express ressource injection
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used.
The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources.
This vulnerability is especially relevant for dynamic parameters.
GHSA
Express ressource injection
ghsa·2024-10-29
CVE-2024-10491 [MEDIUM] CWE-74 Express ressource injection
Express ressource injection
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used.
The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources.
This vulnerability is especially relevant for dynamic parameters.
OSV
CVE-2024-10491: A vulnerability has been identified in the Express response
osv·2024-10-29·CVSS 5.3
CVE-2024-10491 [MEDIUM] CVE-2024-10491: A vulnerability has been identified in the Express response
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources. This vulnerability is especially relevant for dynamic parameters.
Red Hat
express: Preload arbitrary resources by injecting additional `Link` headers
vendor_redhat·2024-10-29·CVSS 4.0
CVE-2024-10491 [MEDIUM] CWE-74 express: Preload arbitrary resources by injecting additional `Link` headers
express: Preload arbitrary resources by injecting additional `Link` headers
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used.
The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources.
This vulnerability is especially relevant for dynamic parameters.
A flaw was found in the Express Node.js framework. In certain versions, an attacker may be able to trigger an arbitrary resource injection attack via the link header when unsanitized data is used.
Statement: This CVE affects Express versions 3.21.4 and prior, which have reached end of life status. No Red Hat products
Debian
CVE-2024-10491: node-express - A vulnerability has been identified in the Express response.links function, allo...
vendor_debian·2024·CVSS 4.0
CVE-2024-10491 [MEDIUM] CVE-2024-10491: node-express - A vulnerability has been identified in the Express response.links function, allo...
A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources. This vulnerability is especially relevant for dynamic parameters.
Scope: local
bookworm: resolved (fixed in 4.1.1~dfsg-1)
bullseye: resolved (fixed in 4.1.1~dfsg-1)
forky: resolved (fixed in 4.1.1~dfsg-1)
sid: resolved (fixed in 4.1.1~dfsg-1)
trixie: resolved (fixed in 4.1.1~dfsg-1)
Suricata
GPL WEB_SERVER global.asa access
suricata·2010-09-23
CVE-2000-0778 GPL WEB_SERVER global.asa access
GPL WEB_SERVER global.asa access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL WEB_SERVER global.asa access"; flow:established,to_server; http.uri; content:"/global.asa"; nocase; reference:cve,2000-0778; reference:nessus,10491; reference:nessus,10991; classtype:web-application-activity; sid:2101016; rev:17; metadata:created_at 2010_09_23, cve CVE_2000_0778, signature_severity Unknown, updated_at 2024_03_08;)
No public exploits indexed.
2024-10-29
Published