Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Critical vulnerability reported by Snyk on the validate method of the library #1397

Closed
PayelKarmakar06 opened this issue Nov 16, 2021 · 2 comments
Closed

Critical vulnerability reported by Snyk on the validate method of the library #1397

PayelKarmakar06 opened this issue Nov 16, 2021 · 2 comments
Labels
status: duplicate Issue is being tracked already in another issue. type: fix Issues describing a broken feature.

Comments

@PayelKarmakar06
Copy link

Description

A new critical vulnerability has been reported by Snyk on the validate method of the library.

Affected versions of this package are vulnerable to Improper Input Validation via bypassing the input validation in validate(), which can lead to cross-site scripting (XSS) or SQL injection. NOTE: There is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass.

Minimal code-snippet showcasing the problem - PoC by xiaofen9

import {validate, validateOrReject, Contains, IsInt, Length, IsEmail, IsFQDN, IsDate, Min, Max} from "class-validator";
import {plainToClass} from "class-transformer";

class Post {

@Length(10, 20)
title: string;

@Contains("hello")
text: string;

@IsInt()
@Min(0)
@Max(10)
rating: number;

@IsEmail()
email: string;

@IsFQDN()
site: string;

@IsDate()
createDate: Date;

}

let userJson = JSON.parse('{"title":1233, "proto":{}}'); // a malformed input
let users = plainToClass(Post, userJson);

validate(users).then(errors => { // errors is an array of validation errors
if (errors.length > 0) {
console.log("validation failed. errors: ", errors);
} else {
console.log("validation succeed");
}
});

Expected behavior

No critical vulnerability should arise

Actual behavior

Critical vulnerability
@PayelKarmakar06 PayelKarmakar06 added status: needs triage Issues which needs to be reproduced to be verified report. type: fix Issues describing a broken feature. labels Nov 16, 2021
@PayelKarmakar06 PayelKarmakar06 changed the title A new critical vulnerability has been reported by Snyk on the validate method of the library Critical vulnerability reported by Snyk on the validate method of the library Nov 16, 2021
@braaar
Copy link
Member

braaar commented Nov 16, 2022

Closing this. Let's track this in #1422

@braaar braaar closed this as completed Nov 16, 2022
@braaar braaar added status: duplicate Issue is being tracked already in another issue. and removed status: needs triage Issues which needs to be reproduced to be verified report. labels Nov 16, 2022
@github-actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 17, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
status: duplicate Issue is being tracked already in another issue. type: fix Issues describing a broken feature.
Milestone
No milestone
Development

No branches or pull requests
2 participants
@braaar @PayelKarmakar06