| id: GO-2022-1178 |
| modules: |
| - module: github.com/bradleyfalzon/ghinstallation |
| versions: |
| - fixed: 1.1.2-0.20210308182858-d24f14f8be70 |
| vulnerable_at: 1.1.1 |
| packages: |
| - package: github.com/bradleyfalzon/ghinstallation |
| symbols: |
| - Transport.refreshToken |
| - Transport.Token |
| derived_symbols: |
| - Transport.RoundTrip |
| summary: JWT leak in github.com/bradleyfalzon/ghinstallation |
| description: |- |
| Errors returned by ghinstallation.Transport can include the JWT used for the |
| failed operation. If the error is exposed to an untrusted party, this JWT could |
| be extracted and used to authenticate further requests. |
| cves: |
| - CVE-2022-39304 |
| ghsas: |
| - GHSA-h4q8-96p6-jcgr |
| credits: |
| - '@Miskerest' |
| references: |
| - advisory: https://github.com/bradleyfalzon/ghinstallation/security/advisories/GHSA-h4q8-96p6-jcgr |
| - fix: https://github.com/bradleyfalzon/ghinstallation/commit/d24f14f8be70d94129d76026e8b0f4f9170c8c3e |
| - web: https://docs.github.com/en/developers/apps/building-github-apps/authenticating-with-github-apps#authenticating-as-an-installation |
| review_status: REVIEWED |