CVE-2024-28120 - Vulnerability Details - OpenCVE

codeium-chrome is an open source code completion plugin for the chrome web browser. The service worker of the codeium-chrome extension doesn't check the sender when receiving an external message. This allows an attacker to host a website that will steal the user's Codeium api-key, and thus impersonate the user on the backend autocomplete server. This issue has not been addressed. Users are advised to monitor the usage of their API key.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00219.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Exafunction

codeium-chrome

affected

Version	Status	Constraints
`<= 1.2.52`	affected	—

No data.

No data.

No data.

Project Subscriptions

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-25271	codeium-chrome is an open source code completion plugin for the chrome web browser. The service worker of the codeium-chrome extension doesn't check the sender when receiving an external message. This allows an attacker to host a website that will steal the user's Codeium api-key, and thus impersonate the user on the backend autocomplete server. This issue has not been addressed. Users are advised to monitor the usage of their API key.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p
https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-03-11T21:14:22.675Z

Updated: 2024-08-02T00:48:49.158Z

Reserved: 2024-03-04T14:19:14.060Z

Link: CVE-2024-28120

Vulnrichment

Updated: 2024-08-02T00:48:49.158Z

NVD

Status : Awaiting Analysis

Published: 2024-03-11T22:15:55.707

Modified: 2024-11-21T09:05:51.580

Link: CVE-2024-28120

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-28120", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-03-04T14:19:14.060Z", "datePublished": "2024-03-11T21:14:22.675Z", "dateUpdated": "2024-08-02T00:48:49.158Z"}, "containers": {"cna": {"title": "API key leak in codeium-chrome", "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "lang": "en", "description": "CWE-284: Improper Access Control", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p"}, {"name": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome", "tags": ["x_refsource_MISC"], "url": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome"}], "affected": [{"vendor": "Exafunction", "product": "codeium-chrome", "versions": [{"version": "<= 1.2.52", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-11T21:14:22.675Z"}, "descriptions": [{"lang": "en", "value": "codeium-chrome is an open source code completion plugin for the chrome web browser. The service worker of the codeium-chrome extension doesn't check the sender when receiving an external message. This allows an attacker to host a website that will steal the user's Codeium api-key, and thus impersonate the user on the backend autocomplete server. This issue has not been addressed. Users are advised to monitor the usage of their API key."}], "source": {"advisory": "GHSA-8c7j-2h97-q63p", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-28120", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-12T15:50:10.792594Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:04:00.650Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:48:49.158Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p"}, {"name": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p", "name": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome", "name": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:48:49.158Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-28120", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-12T15:50:10.792594Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:16.981Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "API key leak in codeium-chrome", "source": {"advisory": "GHSA-8c7j-2h97-q63p", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Exafunction", "product": "codeium-chrome", "versions": [{"status": "affected", "version": "<= 1.2.52"}]}], "references": [{"url": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p", "name": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome", "name": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "codeium-chrome is an open source code completion plugin for the chrome web browser. The service worker of the codeium-chrome extension doesn't check the sender when receiving an external message. This allows an attacker to host a website that will steal the user's Codeium api-key, and thus impersonate the user on the backend autocomplete server. This issue has not been addressed. Users are advised to monitor the usage of their API key."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-11T21:14:22.675Z"}}}, "cveMetadata": {"cveId": "CVE-2024-28120", "state": "PUBLISHED", "dateUpdated": "2024-08-02T00:48:49.158Z", "dateReserved": "2024-03-04T14:19:14.060Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-03-11T21:14:22.675Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "codeium-chrome is an open source code completion plugin for the chrome web browser. The service worker of the codeium-chrome extension doesn't check the sender when receiving an external message. This allows an attacker to host a website that will steal the user's Codeium api-key, and thus impersonate the user on the backend autocomplete server. This issue has not been addressed. Users are advised to monitor the usage of their API key."}, {"lang": "es", "value": "codeium-chrome es un complemento de finalizaci\u00f3n de c\u00f3digo fuente abierto para el navegador web Chrome. El trabajador de servicio de la extensi\u00f3n codeium-chrome no verifica al remitente cuando recibe un mensaje externo. Esto permite a un atacante alojar un sitio web que robar\u00e1 la clave API de Codeium del usuario y, por lo tanto, se har\u00e1 pasar por el usuario en el servidor de autocompletar backend. Esta cuesti\u00f3n no se ha abordado. Se recomienda a los usuarios que supervisen el uso de su clave API."}], "id": "CVE-2024-28120", "lastModified": "2024-11-21T09:05:51.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-03-11T22:15:55.707", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p"}, {"source": "security-advisories@github.com", "url": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/Exafunction/codeium-chrome/security/advisories/GHSA-8c7j-2h97-q63p"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://securitylab.github.com/advisories/GHSL-2024-027_GHSL-2024-028_codeium-chrome"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-284"}], "source": "security-advisories@github.com", "type": "Secondary"}]}