SCA: security update for @netlify/ipx (GHSA-9jjv-524m-jm98)

medium Tenable Cloud Security Plugin ID 413337

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- netlify-ipx is an on-Demand image optimization for Netlify using ipx. In versions prior to 1.2.3, an
attacker can bypass the source image domain allowlist by sending specially crafted headers, causing the
handler to load and return arbitrary images. Because the response is cached globally, this image will then
be served to visitors without requiring those headers to be set. XSS can be achieved by requesting a
malicious SVG with embedded scripts, which would then be served from the site domain. Note that this does
not apply to images loaded in `<img>` tags, as scripts do not execute in this context. The image URL can
be set in the header independently of the request URL, meaning any site images that have not previously
been cached can have their cache poisoned. This problem has been fixed in version 1.2.3. As a workaround,
cached content can be cleared by re-deploying the site. (CVE-2022-39239)

See Also

https://github.com/advisories/GHSA-9jjv-524m-jm98

Plugin Details

Severity: Medium

ID: 413337

Version: Revision 1.6

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 2.3

Percentile: 8.67

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N

CVSS Score Source: CVE-2022-39239

CVSS v3

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 9/21/2022

Vulnerability Publication Date: 9/21/2022

Reference Information

CVE: CVE-2022-39239

cwe: CWE-79