Описание
file-type detects the file type of a file, stream, or data. From 20.0.0 to 21.3.1, a crafted ZIP file can trigger excessive memory growth during type detection in file-type when using fileTypeFromBuffer(), fileTypeFromBlob(), or fileTypeFromFile(). The ZIP inflate output limit is enforced for stream-based detection, but not for known-size inputs. As a result, a small compressed ZIP can cause file-type to inflate and process a much larger payload while probing ZIP-based formats such as OOXML. This vulnerability is fixed in 21.3.2.
Ссылки
- Patch
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
EPSS
5.3 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in file-type, a utility for detecting file types. A remote attacker could exploit this vulnerability by providing a specially crafted ZIP file to an application using file-type's buffer or file-based detection functions. This can lead to excessive memory growth, causing a Denial of Service (DoS) due to the application attempting to inflate and process a much larger payload than expected.
file-type: ZIP Decompression Bomb DoS via [Content_Types].xml entry
EPSS
5.3 Medium
CVSS3