CVE-2024-29042 - Vulnerability Details - OpenCVE

Translate is a package that allows users to convert text to different languages on Node.js and the browser. Prior to version 3.0.0, an attacker controlling the second variable of the `translate` function is able to perform a cache poisoning attack. They can change the outcome of translation requests made by subsequent users. The `opt.id` parameter allows the overwriting of the cache key. If an attacker sets the `id` variable to the cache key that would be generated by another user, they can choose the response that user gets served. Version 3.0.0 fixes this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact partial

Vendors	Products
Franciscop	Translate

No data.

No data.

References

Link	Providers
https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4
https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3
https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-22T16:46:21.456Z

Updated: 2024-08-02T01:03:51.704Z

Reserved: 2024-03-14T16:59:47.614Z

Link: CVE-2024-29042

Vulnrichment

Updated: 2024-08-01T20:50:27.695Z

NVD

Status : Awaiting Analysis

Published: 2024-03-22T17:15:07.990

Modified: 2024-11-21T09:07:26.187

Link: CVE-2024-29042

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-29042", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-14T16:59:47.614Z", "datePublished": "2024-03-22T16:46:21.456Z", "dateUpdated": "2024-08-02T01:03:51.704Z"}, "containers": {"cna": {"title": "Translate Cache Poisoning Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj"}, {"name": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4", "tags": ["x_refsource_MISC"], "url": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4"}, {"name": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3", "tags": ["x_refsource_MISC"], "url": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3"}], "affected": [{"vendor": "franciscop", "product": "translate", "versions": [{"version": "< 3.0.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-22T16:46:21.456Z"}, "descriptions": [{"lang": "en", "value": "Translate is a package that allows users to convert text to different languages on Node.js and the browser. Prior to version 3.0.0, an attacker controlling the second variable of the `translate` function is able to perform a cache poisoning attack. They can change the outcome of translation requests made by subsequent users. The `opt.id` parameter allows the overwriting of the cache key. If an attacker sets the `id` variable to the cache key that would be generated by another user, they can choose the response that user gets served. Version 3.0.0 fixes this issue."}], "source": {"advisory": "GHSA-882j-4vj5-7vmj", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "franciscop", "product": "translate", "cpes": ["cpe:2.3:a:franciscop:translate:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "3.0.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-01T20:47:55.700604Z", "id": "CVE-2024-29042", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T20:50:38.165Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:03:51.704Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj"}, {"name": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4"}, {"name": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3"}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-29042", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-14T16:59:47.614Z", "datePublished": "2024-03-22T16:46:21.456Z", "dateUpdated": "2024-08-01T20:50:38.165Z"}, "containers": {"cna": {"title": "Translate Cache Poisoning Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj"}, {"name": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4", "tags": ["x_refsource_MISC"], "url": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4"}, {"name": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3", "tags": ["x_refsource_MISC"], "url": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3"}], "affected": [{"vendor": "franciscop", "product": "translate", "versions": [{"version": "< 3.0.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-22T16:46:21.456Z"}, "descriptions": [{"lang": "en", "value": "Translate is a package that allows users to convert text to different languages on Node.js and the browser. Prior to version 3.0.0, an attacker controlling the second variable of the `translate` function is able to perform a cache poisoning attack. They can change the outcome of translation requests made by subsequent users. The `opt.id` parameter allows the overwriting of the cache key. If an attacker sets the `id` variable to the cache key that would be generated by another user, they can choose the response that user gets served. Version 3.0.0 fixes this issue."}], "source": {"advisory": "GHSA-882j-4vj5-7vmj", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-29042", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-01T20:47:55.700604Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:franciscop:translate:*:*:*:*:*:*:*:*"], "vendor": "franciscop", "product": "translate", "versions": [{"status": "affected", "version": "0", "lessThan": "3.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-01T20:50:27.695Z"}}]}}

{"descriptions": [{"lang": "en", "value": "Translate is a package that allows users to convert text to different languages on Node.js and the browser. Prior to version 3.0.0, an attacker controlling the second variable of the `translate` function is able to perform a cache poisoning attack. They can change the outcome of translation requests made by subsequent users. The `opt.id` parameter allows the overwriting of the cache key. If an attacker sets the `id` variable to the cache key that would be generated by another user, they can choose the response that user gets served. Version 3.0.0 fixes this issue."}, {"lang": "es", "value": "Translate es un paquete que permite a los usuarios convertir texto a diferentes idiomas en Node.js y el navegador. Antes de la versi\u00f3n 3.0.0, un atacante que controlaba la segunda variable de la funci\u00f3n \"traducir\" pod\u00eda realizar un ataque de envenenamiento de cach\u00e9. Pueden cambiar el resultado de las solicitudes de traducci\u00f3n realizadas por usuarios posteriores. El par\u00e1metro `opt.id` permite sobrescribir la clave de cach\u00e9. Si un atacante establece la variable `id` en la clave de cach\u00e9 que generar\u00eda otro usuario, puede elegir la respuesta que recibir\u00e1 ese usuario. La versi\u00f3n 3.0.0 soluciona este problema."}], "id": "CVE-2024-29042", "lastModified": "2024-11-21T09:07:26.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-03-22T17:15:07.990", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4"}, {"source": "security-advisories@github.com", "url": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3"}, {"source": "security-advisories@github.com", "url": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/franciscop/translate/commit/7a2bf8b9f05f7c45c09683973ef4d8e995804aa4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/franciscop/translate/commit/cc1ba03078102f83e0503a96f1a081489bb865d3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security-advisories@github.com", "type": "Secondary"}]}