Vulnerability Description
Remult is a CRUD framework for full-stack TypeScript. If you used the apiPrefilter option of the `@Entity` decorator, by setting it to a function that returns a filter that prevents unauthorized access to data, an attacker who knows the `id` of an entity instance is not authorized to access, can gain read, update and delete access to it. The issue is fixed in version 0.20.6. As a workaround, set the `apiPrefilter` option to a filter object instead of a function.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Remult | Remult | < 0.20.6 |
Related Weaknesses (CWE)
References
- https://github.com/remult/remult/commit/6892ae97134126d8710ef7302bb2fc37730994c5Patch
- https://github.com/remult/remult/releases/tag/v0.20.6Release Notes
- https://github.com/remult/remult/security/advisories/GHSA-7hh3-3x64-v2g9Third Party Advisory
- https://github.com/remult/remult/commit/6892ae97134126d8710ef7302bb2fc37730994c5Patch
- https://github.com/remult/remult/releases/tag/v0.20.6Release Notes
- https://github.com/remult/remult/security/advisories/GHSA-7hh3-3x64-v2g9Third Party Advisory
FAQ
What is CVE-2023-35167?
CVE-2023-35167 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Remult is a CRUD framework for full-stack TypeScript. If you used the apiPrefilter option of the `@Entity` decorator, by setting it to a function that returns a filter that prevents unauthorized acces...
How severe is CVE-2023-35167?
CVE-2023-35167 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-35167?
Check the references section above for vendor advisories and patch information. Affected products include: Remult Remult.