Описание
@fastly/js-compute has a use-after-free in some host call implementations
Impact
The implementation of the following functions were determined to include a use-after-free bug:
FetchEvent.client.tlsCipherOpensslNameFetchEvent.client.tlsProtocolFetchEvent.client.tlsClientCertificateFetchEvent.client.tlsJA3MD5FetchEvent.client.tlsClientHelloCacheEntry.prototype.userMetadataof thefastly:cachesubsystemDevice.lookupof thefastly:devicesubsystem
This bug could allow for an unintended data leak if the result of the preceding functions were sent anywhere else, and often results in a Compute service crash causing an HTTP 500 error to be returned. As all requests to Compute are isolated from one another, the only data at risk is data present for a single request.
Patches
This bug has been fixed in version 3.16.0 of the @fastly/js-compute package.
Workarounds
There are no workarounds for this bug, any use of the affected functions introduces the possibility of a data leak or crash in guest code.
Пакеты
@fastly/js-compute
>= 3.0.0, < 3.16.0
3.16.0
Связанные уязвимости
@fastly/js-compute is a JavaScript SDK and runtime for building Fastly Compute applications. The implementation of several functions were determined to include a use-after-free bug. This bug could allow for unintended data loss if the result of the preceding functions were sent anywhere else, and often results in a guest trap causing services to return a 500. This bug has been fixed in version 3.16.0 of the `@fastly/js-compute` package.