CVE-2022-24803 - Vulnerability Details - OpenCVE

Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when `allow-uri-read` is disabled! The problem has been patched in the referenced commits.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact total

Vendors	Products
Asciidoctor-include-ext Project	Asciidoctor-include-ext

Configuration 1 [-]

cpe:2.3:a:asciidoctor-include-ext_project:asciidoctor-include-ext:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155
https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee
https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29

History

Tue, 22 Apr 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-03-31T23:30:14.000Z

Updated: 2025-04-22T18:17:46.997Z

Reserved: 2022-02-10T00:00:00.000Z

Link: CVE-2022-24803

Vulnrichment

Updated: 2024-08-03T04:20:50.529Z

NVD

Status : Modified

Published: 2022-04-01T00:15:08.950

Modified: 2024-11-21T06:51:08.023

Link: CVE-2022-24803

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "asciidoctor-include-ext", "vendor": "jirutka", "versions": [{"status": "affected", "version": "< 0.4.0"}]}], "descriptions": [{"lang": "en", "value": "Asciidoctor-include-ext is Asciidoctor\u2019s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when `allow-uri-read` is disabled! The problem has been patched in the referenced commits."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-31T23:30:14.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}], "source": {"advisory": "GHSA-v222-6mr4-qj29", "discovery": "UNKNOWN"}, "title": "Command Injection vulnerability in asciidoctor-include-ext", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24803", "STATE": "PUBLIC", "TITLE": "Command Injection vulnerability in asciidoctor-include-ext"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "asciidoctor-include-ext", "version": {"version_data": [{"version_value": "< 0.4.0"}]}}]}, "vendor_name": "jirutka"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Asciidoctor-include-ext is Asciidoctor\u2019s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when `allow-uri-read` is disabled! The problem has been patched in the referenced commits."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29", "refsource": "CONFIRM", "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}, {"name": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155", "refsource": "MISC", "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"name": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee", "refsource": "MISC", "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}]}, "source": {"advisory": "GHSA-v222-6mr4-qj29", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.529Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-22T15:37:30.670379Z", "id": "CVE-2022-24803", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T18:17:46.997Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24803", "datePublished": "2022-03-31T23:30:14.000Z", "dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-22T18:17:46.997Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"containers": {"cna": {"affected": [{"product": "asciidoctor-include-ext", "vendor": "jirutka", "versions": [{"status": "affected", "version": "< 0.4.0"}]}], "descriptions": [{"lang": "en", "value": "Asciidoctor-include-ext is Asciidoctor\u2019s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when `allow-uri-read` is disabled! The problem has been patched in the referenced commits."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-31T23:30:14.000Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}], "source": {"advisory": "GHSA-v222-6mr4-qj29", "discovery": "UNKNOWN"}, "title": "Command Injection vulnerability in asciidoctor-include-ext", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24803", "STATE": "PUBLIC", "TITLE": "Command Injection vulnerability in asciidoctor-include-ext"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "asciidoctor-include-ext", "version": {"version_data": [{"version_value": "< 0.4.0"}]}}]}, "vendor_name": "jirutka"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Asciidoctor-include-ext is Asciidoctor\u2019s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when `allow-uri-read` is disabled! The problem has been patched in the referenced commits."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29", "refsource": "CONFIRM", "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}, {"name": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155", "refsource": "MISC", "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"name": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee", "refsource": "MISC", "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}]}, "source": {"advisory": "GHSA-v222-6mr4-qj29", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.529Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-24803", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-22T15:37:30.670379Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-22T15:37:32.009Z"}}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24803", "datePublished": "2022-03-31T23:30:14.000Z", "dateReserved": "2022-02-10T00:00:00.000Z", "dateUpdated": "2025-04-22T18:17:46.997Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asciidoctor-include-ext_project:asciidoctor-include-ext:*:*:*:*:*:*:*:*", "matchCriteriaId": "39AA2467-43AC-4113-A089-325768DC5A00", "versionEndExcluding": "0.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Asciidoctor-include-ext is Asciidoctor\u2019s standard include processor reimplemented as an extension. Versions prior to 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an attacker to execute arbitrary system commands on the host operating system. This attack is possible even when `allow-uri-read` is disabled! The problem has been patched in the referenced commits."}, {"lang": "es", "value": "Asciidoctor-include-ext es el procesador de inclusi\u00f3n est\u00e1ndar de Asciidoctor reimplementado como una extensi\u00f3n. En versiones anteriores a 0.4.0, cuando son usadas para renderizar la entrada suministrada por el usuario en el marcado AsciiDoc, pueden permitir a un atacante ejecutar comandos arbitrarios del sistema en el sistema operativo anfitri\u00f3n. Este ataque es posible incluso cuando \"allow-uri-read\" est\u00e1 deshabilitado. El problema ha sido parcheado en los commits referenciados"}], "id": "CVE-2022-24803", "lastModified": "2024-11-21T06:51:08.023", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-01T00:15:08.950", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "security-advisories@github.com", "type": "Secondary"}]}