Описание
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names.
A flaw was found in Node.js, where affected Node.js versions converted carriage returns in HTTP request headers to a hyphen before parsing. This flaw leads to HTTP Request Smuggling as it is a non-standard interpretation of the header. The highest threat from this vulnerability is to confidentiality and integrity.
Отчет
Node.js is included in Red Hat Quay as a dependency of Yarn, which is only used while building Red Hat Quay, and not during runtime.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | nodejs:10/nodejs | Not affected | ||
| Red Hat Enterprise Linux 8 | nodejs:14/nodejs | Affected | ||
| Red Hat Quay 3 | quay | Fix deferred | ||
| Red Hat Software Collections | rh-nodejs10-nodejs | Not affected | ||
| Red Hat Enterprise Linux 8 | nodejs | Fixed | RHSA-2020:4272 | 19.10.2020 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | nodejs | Fixed | RHSA-2020:4903 | 04.11.2020 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-nodejs12-nodejs | Fixed | RHSA-2020:5086 | 12.11.2020 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | rh-nodejs12-nodejs | Fixed | RHSA-2020:5086 | 12.11.2020 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS | rh-nodejs12-nodejs | Fixed | RHSA-2020:5086 | 12.11.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.4 High
CVSS3
Связанные уязвимости
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names.
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names.
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync ...
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names.
Уязвимость программной платформы Node.js, связанная с ошибкой обработки имен HTTP - заголовка, позволяющая нарушителю получить доступ к защищаемой информации или повысить свои привилегии
EPSS
7.4 High
CVSS3