{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T11:43:45.201","vulnerabilities":[{"cve":{"id":"CVE-2023-49799","sourceIdentifier":"security-advisories@github.com","published":"2023-12-09T00:15:07.393","lastModified":"2024-11-21T08:33:52.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"`nuxt-api-party` is an open source module to proxy API requests. nuxt-api-party attempts to check if the user has passed an absolute URL to prevent the aforementioned attack. This has been recently changed to use the regular expression `^https?://`, however this regular expression can be bypassed by an absolute URL with leading whitespace. For example `\\nhttps://whatever.com` which has a leading newline. According to the fetch specification, before a fetch is made the URL is normalized. \"To normalize a byte sequence potentialValue, remove any leading and trailing HTTP whitespace bytes from potentialValue.\". This means the final request will be normalized to `https://whatever.com` bypassing the check and nuxt-api-party will send a request outside of the whitelist. This could allow us to leak credentials or perform Server-Side Request Forgery (SSRF). This vulnerability has been addressed in version 0.22.1. Users are advised to upgrade. Users unable to upgrade should revert to the previous method of detecting absolute URLs."},{"lang":"es","value":"`nuxt-api-party` es un módulo de código abierto para enviar solicitudes de API. nuxt-api-party intenta comprobar si el usuario ha pasado una URL absoluta para evitar el ataque antes mencionado. Esto se cambió recientemente para usar la expresión regular `^https?://`; sin embargo, esta expresión regular se puede omitir mediante una URL absoluta con espacios en blanco al principio. Por ejemplo `\\nhttps://whatever.com` que tiene una nueva línea inicial. Según la especificación de recuperación, antes de realizar una recuperación, la URL se normaliza. \"Para normalizar una secuencia de bytes de valor potencial, elimine los bytes de espacio en blanco HTTP iniciales y finales de valor potencial\". Esto significa que la solicitud final se normalizará en `https://whatever.com` sin pasar por la verificación y nuxt-api-party enviará una solicitud fuera de la lista blanca. Esto podría permitirnos filtrar credenciales o realizar Server-Side Request Forgery (SSRF). Esta vulnerabilidad se ha solucionado en la versión 0.22.1. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben volver al método anterior para detectar URL absolutas."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:johannschopplich:nuxt_api_party:*:*:*:*:*:node.js:*:*","versionEndIncluding":"0.21.3","matchCriteriaId":"3FF05127-C972-40EC-A3E2-6733D255DAA2"}]}]}],"references":[{"url":"https://fetch.spec.whatwg.org/","source":"security-advisories@github.com",
"tags":["Not Applicable"]},{"url":"https://fetch.spec.whatwg.org/#http-whitespace-byte","source":"security-advisories@github.com","tags":["Not Applicable"]},{"url":"https://github.com/johannschopplich/nuxt-api-party/blob/777462e1e3af1d9f8938aa33f230cd8cb6e0cc9a/src/runtime/server/handler.ts#L31","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/johannschopplich/nuxt-api-party/security/advisories/GHSA-3wfp-253j-5jxv","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://infra.spec.whatwg.org/#byte-sequence","source":"security-advisories@github.com","tags":["Not Applicable"]},{"url":"https://fetch.spec.whatwg.org/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://fetch.spec.whatwg.org/#http-whitespace-byte","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/johannschopplich/nuxt-api-party/blob/777462e1e3af1d9f8938aa33f230cd8cb6e0cc9a/src/runtime/server/handler.ts#L31","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/johannschopplich/nuxt-api-party/security/advisories/GHSA-3wfp-253j-5jxv","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://infra.spec.whatwg.org/#byte-sequence","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}}]}