FKIE_CVE-2022-3212
Vulnerability from fkie_nvd - Published: 2022-09-14 16:15 - Updated: 2024-11-21 07:19
Severity
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
`<bytes::Bytes as axum_core::extract::FromRequest>::from_request` would not, by default, set a limit for the size of the request body. That meant that if a malicious peer sent a very large (or infinite) body, your server might run out of memory and crash. This also applies to the extractors that used `Bytes::from_request` internally: `axum::extract::Form`, `axum::extract::Json`, and `String`.
References
| Source | URL | Tags |
|---|---|---|
| reefs@jfrog.com | https://research.jfrog.com/vulnerabilities/axum-core-dos/ | Exploit, Third Party Advisory |
| reefs@jfrog.com | https://rustsec.org/advisories/RUSTSEC-2022-0055.html | Exploit, Issue Tracking, Patch, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://research.jfrog.com/vulnerabilities/axum-core-dos/ | Exploit, Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://rustsec.org/advisories/RUSTSEC-2022-0055.html | Exploit, Issue Tracking, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| axum-core_project | axum-core | * |
| axum-core_project | axum-core | 0.3.0 |
```json
{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:axum-core_project:axum-core:*:*:*:*:*:rust:*:*",
              "matchCriteriaId": "3C75C001-9583-4589-B223-CFC88D83DC6F",
              "versionEndExcluding": "0.2.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:axum-core_project:axum-core:0.3.0:rc1:*:*:*:rust:*:*",
              "matchCriteriaId": "BAA28945-A516-4F1E-99FF-470141986E69",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\u003cbytes::Bytes as axum_core::extract::FromRequest\u003e::from_request would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large (or infinite) body your server might run out of memory and crash. This also applies to these extractors which used Bytes::from_request internally: axum::extract::Form axum::extract::Json String"
    },
    {
      "lang": "es",
      "value": "(bytes::Bytes como axum_core::extract::FromRequest)::from_request no establec\u00eda, por defecto, un l\u00edmite para el tama\u00f1o del cuerpo de la petici\u00f3n. Esto significaba que si un compa\u00f1ero malicioso enviaba un cuerpo muy grande (o infinito) su servidor podr\u00eda quedarse sin memoria y colapsar. Esto tambi\u00e9n se aplica a estos extractores que usan Bytes::from_request internamente: axum::extract::Form axum::extract::Json String"
    }
  ],
  "id": "CVE-2022-3212",
  "lastModified": "2024-11-21T07:19:03.723",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "reefs@jfrog.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-14T16:15:11.883",
  "references": [
    {
      "source": "reefs@jfrog.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://research.jfrog.com/vulnerabilities/axum-core-dos/"
    },
    {
      "source": "reefs@jfrog.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://rustsec.org/advisories/RUSTSEC-2022-0055.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://research.jfrog.com/vulnerabilities/axum-core-dos/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://rustsec.org/advisories/RUSTSEC-2022-0055.html"
    }
  ],
  "sourceIdentifier": "reefs@jfrog.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "reefs@jfrog.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}
```
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.