Search criteria
2 vulnerabilities found for lightning-flow-scanner by Flow-Scanner
CVE-2025-67750 (GCVE-0-2025-67750)
Vulnerability from nvd – Published: 2025-12-12 20:14 – Updated: 2025-12-12 20:50
VLAI
Title
Lightning Flow Scanner is Vulnerable to Code Injection via Unsafe Use of new Function() in APIVersion Rule
Summary
Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5 and below allow a maliciously crafted flow metadata file to cause arbitrary JavaScript execution during scanning. The APIVersion rule uses new Function() to evaluate expression strings, enabling an attacker to supply a malicious expression within rule configuration or crafted flow metadata. This could compromise developer machines, CI runners, or editor environments. This issue is fixed in version 6.10.6.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/Flow-Scanner/lightning-flow-sc… | x_refsource_CONFIRM |
| https://github.com/Flow-Scanner/lightning-flow-sc… | x_refsource_MISC |
| https://github.com/Flow-Scanner/lightning-flow-sc… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Flow-Scanner | lightning-flow-scanner |
Affected:
< 6.10.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-12T20:50:51.293007Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T20:50:57.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "lightning-flow-scanner",
"vendor": "Flow-Scanner",
"versions": [
{
"status": "affected",
"version": "\u003c 6.10.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5 and below allow a maliciously crafted flow metadata file to cause arbitrary JavaScript execution during scanning. The APIVersion rule uses new Function() to evaluate expression strings, enabling an attacker to supply a malicious expression within rule configuration or crafted flow metadata. This could compromise developer machines, CI runners, or editor environments. This issue is fixed in version 6.10.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T20:14:21.004Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Flow-Scanner/lightning-flow-scanner/security/advisories/GHSA-55jh-84jv-8mx8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Flow-Scanner/lightning-flow-scanner/security/advisories/GHSA-55jh-84jv-8mx8"
},
{
"name": "https://github.com/Flow-Scanner/lightning-flow-scanner/commit/10f64a5eb193d8a777e453b25e910144e4540795",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Flow-Scanner/lightning-flow-scanner/commit/10f64a5eb193d8a777e453b25e910144e4540795"
},
{
"name": "https://github.com/Flow-Scanner/lightning-flow-scanner/releases/tag/core-v6.10.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Flow-Scanner/lightning-flow-scanner/releases/tag/core-v6.10.6"
}
],
"source": {
"advisory": "GHSA-55jh-84jv-8mx8",
"discovery": "UNKNOWN"
},
"title": "Lightning Flow Scanner is Vulnerable to Code Injection via Unsafe Use of new Function() in APIVersion Rule"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-67750",
"datePublished": "2025-12-12T20:14:21.004Z",
"dateReserved": "2025-12-11T20:30:54.927Z",
"dateUpdated": "2025-12-12T20:50:57.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-67750 (GCVE-0-2025-67750)
Vulnerability from cvelistv5 – Published: 2025-12-12 20:14 – Updated: 2025-12-12 20:50
VLAI
Title
Lightning Flow Scanner is Vulnerable to Code Injection via Unsafe Use of new Function() in APIVersion Rule
Summary
Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5 and below allow a maliciously crafted flow metadata file to cause arbitrary JavaScript execution during scanning. The APIVersion rule uses new Function() to evaluate expression strings, enabling an attacker to supply a malicious expression within rule configuration or crafted flow metadata. This could compromise developer machines, CI runners, or editor environments. This issue is fixed in version 6.10.6.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/Flow-Scanner/lightning-flow-sc… | x_refsource_CONFIRM |
| https://github.com/Flow-Scanner/lightning-flow-sc… | x_refsource_MISC |
| https://github.com/Flow-Scanner/lightning-flow-sc… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Flow-Scanner | lightning-flow-scanner |
Affected:
< 6.10.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-67750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-12T20:50:51.293007Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T20:50:57.161Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "lightning-flow-scanner",
"vendor": "Flow-Scanner",
"versions": [
{
"status": "affected",
"version": "\u003c 6.10.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Lightning Flow Scanner provides a A CLI plugin, VS Code Extension and GitHub Action for analysis and optimization of Salesforce Flows. Versions 6.10.5 and below allow a maliciously crafted flow metadata file to cause arbitrary JavaScript execution during scanning. The APIVersion rule uses new Function() to evaluate expression strings, enabling an attacker to supply a malicious expression within rule configuration or crafted flow metadata. This could compromise developer machines, CI runners, or editor environments. This issue is fixed in version 6.10.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-12T20:14:21.004Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Flow-Scanner/lightning-flow-scanner/security/advisories/GHSA-55jh-84jv-8mx8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Flow-Scanner/lightning-flow-scanner/security/advisories/GHSA-55jh-84jv-8mx8"
},
{
"name": "https://github.com/Flow-Scanner/lightning-flow-scanner/commit/10f64a5eb193d8a777e453b25e910144e4540795",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Flow-Scanner/lightning-flow-scanner/commit/10f64a5eb193d8a777e453b25e910144e4540795"
},
{
"name": "https://github.com/Flow-Scanner/lightning-flow-scanner/releases/tag/core-v6.10.6",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Flow-Scanner/lightning-flow-scanner/releases/tag/core-v6.10.6"
}
],
"source": {
"advisory": "GHSA-55jh-84jv-8mx8",
"discovery": "UNKNOWN"
},
"title": "Lightning Flow Scanner is Vulnerable to Code Injection via Unsafe Use of new Function() in APIVersion Rule"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-67750",
"datePublished": "2025-12-12T20:14:21.004Z",
"dateReserved": "2025-12-11T20:30:54.927Z",
"dateUpdated": "2025-12-12T20:50:57.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}