CVE-2022-0722
Exposure of Sensitive Information vulnerability in parse-url (npm)
What is CVE-2022-0722 About?
This vulnerability involves the Exposure of Sensitive Information to an Unauthorized Actor due to hostname confusion within the ionicabizau/parse-url library. Attackers can leverage this confusion to trick the application into revealing sensitive data. The ease of exploitation depends on the context of how the library is used and the attacker's ability to manipulate hostnames.
Affected Software
Technical Details
The vulnerability stems from an issue in the ionicabizau/parse-url library prior to version 6.0.1 where it mishandles hostname parsing, leading to 'hostname confusion'. An attacker can craft a URL that, when processed by the vulnerable library, is misinterpreted internally. This misinterpretation can cause the application to connect to an attacker-controlled server or to incorrectly route requests, leading to the unintended exposure of sensitive information (e.g., cookies, authentication tokens, API keys) that would normally only be sent to legitimate hosts. The attack vector involves providing a specially crafted URL that exploits the hostname parsing logic.
What is the Impact of CVE-2022-0722?
Successful exploitation may allow attackers to gain unauthorized access to sensitive information, leading to data breaches or further compromise of the system.
What is the Exploitability of CVE-2022-0722?
Exploitation relies on an attacker's ability to inject or manipulate URLs processed by the parse-url library. The complexity is moderate, requiring an understanding of the library's parsing logic and how it can be confused. Authentication might not be required if the URL parsing occurs in an unauthenticated part of an application, or it could be required if the functionality is behind authentication. Privilege requirements are typically low. This is primarily a remote vulnerability if the application processes external URLs. Special conditions include the application relying on the parse-url library for security-sensitive hostname checks or routing, where a confused hostname can lead to information disclosure. The likelihood of exploitation increases if user-supplied URLs are not strictly validated before being processed by the library.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | ||
What are the Available Fixes for CVE-2022-0722?
Available Upgrade Options
- parse-url
- <6.0.1 → Upgrade to 6.0.1
Struggling with dependency upgrades?
See how Resolved Security's drop-in replacements make it simple.
Book a demoAdditional Resources
- https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226
- https://github.com/ionicabizau/parse-url/commit/21c72ab9412228eea753e2abc48f8962707b1fe3
- https://osv.dev/vulnerability/GHSA-4p35-cfcx-8653
- https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226
- https://nvd.nist.gov/vuln/detail/CVE-2022-0722
- https://github.com/ionicabizau/parse-url/commit/21c72ab9412228eea753e2abc48f8962707b1fe3
What are Similar Vulnerabilities to CVE-2022-0722?
Similar Vulnerabilities: CVE-2021-39181 , CVE-2018-12536 , CVE-2022-24756 , CVE-2022-26135 , CVE-2019-16782
