CVE-2023-45821: 
NixOS vulnerability analysis and mitigation

CVE-2023-45821 affects Artifact Hub, a web-based application for finding, installing, and publishing packages and configurations for CNCF projects. The vulnerability was discovered during a security audit by researcher Dejan Zelic at OffSec and disclosed on October 19, 2023. The issue exists in the registryIsDockerHub function which incorrectly validates registry domains by only checking for a docker.io suffix (GitHub Advisory).

The vulnerability stems from an improper validation check in the registryIsDockerHub function, which only verifies if a registry domain ends with docker.io. The CVSS v3.1 base score is 6.3 (Medium) with vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L according to NVD, while GitHub rates it as 5.4 (Medium) with vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L (NVD).

The vulnerability could allow an attacker to hijack Docker credentials by purchasing a domain ending with docker.io and deploying a fake OCI registry. While artifacthub.io only uses credentials with public content read permissions, other Artifact Hub deployments might be using credentials with broader access, potentially leading to unauthorized access to private repositories (GitHub Advisory).

This vulnerability has been patched in version 1.16.0 of Artifact Hub. Users are advised to upgrade to this version or later. There are no known workarounds for this vulnerability (GitHub Advisory).