Byte Open Security

(ByteOS Network)

CVE Vulnerability Details: CVE-2024-38366
State: PUBLISHED
Assigner: GitHub_M
Assigner Org ID: a0819718-46f1-4df5-94e2-005712e83aaa
Published At: 01 Jul, 2024 | 20:42
Updated At: 02 Aug, 2024 | 04:04
Rejected At: (none)
CVE Numbering Authority (CNA)
CocoaPods trunk RCE in email verification system rfc-822

trunk.cocoapods.org is the authentication server for the CocoaPods dependency manager. The part of trunk that verifies whether a user has a real email address on signup used an rfc-822 library which executes a shell command to validate the email domain's MX records. It works via a DNS MX lookup. This lookup could be manipulated to also execute a command on the trunk server, effectively giving root access to the server and the infrastructure. This issue was patched server-side with commit 001cc3a430e75a16307f5fd6cdff1363ad2f40f3 in September 2023. This RCE triggered a full user-session reset, as an attacker could have used this method to write to any Podspec in trunk.

Affected Products
Vendor: CocoaPods
Product: CocoaPods
Versions Affected:
  • < 001cc3a430e75a16307f5fd6cdff1363ad2f40f3
Problem Types
Type: CWE
CWE ID: CWE-74
Description: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Metrics
CVSS Version: 3.1
Base Score: 10.0
Base Severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
References
  • https://github.com/CocoaPods/CocoaPods/security/advisories/GHSA-x2x4-g675-qg7c (x_refsource_CONFIRM)
  • https://blog.cocoapods.org/CocoaPods-Trunk-RCEs-2023 (x_refsource_MISC)
  • https://evasec.webflow.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods#2-remote-code-execution-on-the-cocoapods-trunk-server (x_refsource_MISC)
Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor: cocoapods
Product: cocoapods
CPEs:
  • cpe:2.3:a:cocoapods:cocoapods:*:*:*:*:*:*:*:*
Default Status: unknown
Versions Affected:
  • From 0 before 001cc3a430e75a16307f5fd6cdff1363ad2f40f3 (custom)
2. CVE Program Container
References
  • https://github.com/CocoaPods/CocoaPods/security/advisories/GHSA-x2x4-g675-qg7c (x_refsource_CONFIRM, x_transferred)
  • https://blog.cocoapods.org/CocoaPods-Trunk-RCEs-2023 (x_refsource_MISC, x_transferred)
  • https://evasec.webflow.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods#2-remote-code-execution-on-the-cocoapods-trunk-server (x_refsource_MISC, x_transferred)