
THREATINT
PUBLISHED

CVE-2024-47180

Shields.io Remote Code Execution vulnerability in Dynamic JSON/TOML/YAML badges



Description

Shields.io is a service for concise, consistent, and legible badges in SVG and raster format. Shields.io, and users self-hosting their own instance of shields on a version earlier than `server-2024-09-25`, are vulnerable to remote code execution via the JSONPath library used by the Dynamic JSON/TOML/YAML badges. Any user who can make a request to a URL on the instance can execute code on it by crafting a malicious JSONPath expression. All users who self-host an instance are vulnerable. This problem was fixed in `server-2024-09-25`. Those who follow the tagged releases should update to `server-2024-09-25` or later. Those who follow the rolling tag on DockerHub should run `docker pull shieldsio/shields:next` to update to the latest version. As a workaround, blocking access to the endpoints `/badge/dynamic/json`, `/badge/dynamic/toml`, and `/badge/dynamic/yaml` (e.g. via a firewall or reverse proxy in front of your instance) prevents the exploitable endpoints from being reached.

Reserved 2024-09-19 | Published 2024-09-26 | Updated 2024-09-26 | Assigner GitHub_M


HIGH: 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Product status

< server-2024-09-25: affected

References

github.com/...hields/security/advisories/GHSA-rxvx-x284-4445

github.com/badges/shields/issues/10553

github.com/badges/shields/pull/10551

github.com/...ommit/ec1b6c8daccda075403c1688ac02603f7aaa50b2

cve.org (CVE-2024-47180)

nvd.nist.gov (CVE-2024-47180)
