FKIE_CVE-2024-37168

Vulnerability from fkie_nvd - Published: 2024-06-10 22:15 - Updated: 2024-11-21 09:23
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to versions 1.10.9, 1.9.15, and 1.8.22, there are two separate code paths in which memory can be allocated per message in excess of the `grpc.max_receive_message_length` channel option: If an incoming message has a size on the wire greater than the configured limit, the entire message is buffered before it is discarded; and/or if an incoming message has a size within the limit on the wire but decompresses to a size greater than the limit, the entire message is decompressed into memory, and on the server is not discarded. This has been patched in versions 1.10.9, 1.9.15, and 1.8.22.
References
security-advisories@github.comhttps://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650
security-advisories@github.comhttps://github.com/grpc/grpc-node/commit/674f4e351a619fd4532f84ae6dff96b8ee4e1ed3
security-advisories@github.comhttps://github.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb
security-advisories@github.comhttps://github.com/grpc/grpc-node/security/advisories/GHSA-7v5v-9h63-cj86
af854a3a-2127-422b-91ae-364da2661108https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650
af854a3a-2127-422b-91ae-364da2661108https://github.com/grpc/grpc-node/commit/674f4e351a619fd4532f84ae6dff96b8ee4e1ed3
af854a3a-2127-422b-91ae-364da2661108https://github.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb
af854a3a-2127-422b-91ae-364da2661108https://github.com/grpc/grpc-node/security/advisories/GHSA-7v5v-9h63-cj86
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to versions 1.10.9, 1.9.15, and 1.8.22, there are two separate code paths in which memory can be allocated per message in excess of the `grpc.max_receive_message_length` channel option: If an incoming message has a size on the wire greater than the configured limit, the entire message is buffered before it is discarded; and/or if an incoming message has a size within the limit on the wire but decompresses to a size greater than the limit, the entire message is decompressed into memory, and on the server is not discarded. This has been patched in versions 1.10.9, 1.9.15, and 1.8.22.\n"
    },
    {
      "lang": "es",
      "value": "@grpc/grps-js implementa la funcionalidad principal de gRPC exclusivamente en JavaScript, sin un complemento de C++. Antes de las versiones 1.10.9, 1.9.15 y 1.8.22, existen dos rutas de c\u00f3digo separadas en las que se puede asignar memoria por mensaje que exceda la opci\u00f3n de canal `grpc.max_receive_message_length`: si un mensaje entrante tiene un tama\u00f1o en el cable es mayor que el l\u00edmite configurado, todo el mensaje se almacena en el b\u00fafer antes de descartarlo; y/o si un mensaje entrante tiene un tama\u00f1o dentro del l\u00edmite del cable pero se descomprime a un tama\u00f1o mayor que el l\u00edmite, el mensaje completo se descomprime en la memoria y no se descarta en el servidor. Esto se ha parcheado en las versiones 1.10.9, 1.9.15 y 1.8.22."
    }
  ],
  "id": "CVE-2024-37168",
  "lastModified": "2024-11-21T09:23:20.993",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-06-10T22:15:12.433",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/grpc/grpc-node/commit/674f4e351a619fd4532f84ae6dff96b8ee4e1ed3"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/grpc/grpc-node/security/advisories/GHSA-7v5v-9h63-cj86"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/grpc/grpc-node/commit/674f4e351a619fd4532f84ae6dff96b8ee4e1ed3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/grpc/grpc-node/security/advisories/GHSA-7v5v-9h63-cj86"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-789"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.