Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS14d3g3LXA2M3ItMnJqOM4ABCrY

Navidrome Stores JWT Secret in Plaintext in navidrome.db

Navidrome stores the JWT secret in plaintext in the navidrome.db database file under the property table. This practice introduces a security risk because anyone with access to the database file can retrieve the secret.
The JWT secret is critical for the authentication and authorization system. If exposed, an attacker could:

• Forge valid tokens to impersonate users, including administrative accounts.
• Gain unauthorized access to sensitive data or perform privileged actions.
  This vulnerability has been tested on the latest version of Navidrome and poses a significant risk in environments where the database file is not adequately secured.

Permalink: https://github.com/advisories/GHSA-xwx7-p63r-2rj8
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS14d3g3LXA2M3ItMnJqOM4ABCrY
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: 16 days ago
Updated: 16 days ago

CVSS Score: 7.1
CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

EPSS Percentage: 0.00045
EPSS Percentile: 0.17541

Identifiers: GHSA-xwx7-p63r-2rj8, CVE-2024-56362
References:

• https://github.com/navidrome/navidrome/security/advisories/GHSA-xwx7-p63r-2rj8
• https://nvd.nist.gov/vuln/detail/CVE-2024-56362
• https://github.com/navidrome/navidrome/commit/7f030b0859653593fd2ac0df69f4a313f9caf9ff
• https://github.com/navidrome/navidrome/commit/9cbdb20a318a49daf95888b1fd207d4d729b55f1
• https://github.com/navidrome/navidrome/releases/tag/v0.54.1
• https://github.com/advisories/GHSA-xwx7-p63r-2rj8

Repository: https://github.com/navidrome/navidrome
Blast Radius: 0.0

Affected Packages