GHSA-MGC4-WQV7-4PXM
Vulnerability from github – Published: 2023-05-18 17:29 – Updated: 2023-05-18 17:29
VLAI
Summary
SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header
Details
Impact
Affected SwiftNIO systems are vulnerable to request smuggling attacks, in which they parse a given HTTP message differently from other network parties, potentially seeing a different number of requests than other servers. This can lead to failures of authentication, routing, and other issues.
This vulnerability can be found in the bundled copy of the Node.JS HTTP parser used in the NIOHTTP1 module.
Workarounds
No workaround is available, users must upgrade.
References
https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/#http-request-smuggling-using-malformed-transfer-encoding-header-critical-cve-2019-15605
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "SwiftURL",
"name": "github.com/apple/swift-nio"
},
"ranges": [
{
"events": [
{
"introduced": "1.0.0"
},
{
"fixed": "1.14.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "SwiftURL",
"name": "github.com/apple/swift-nio"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0"
},
{
"fixed": "2.13.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-444"
],
"github_reviewed": true,
"github_reviewed_at": "2023-05-18T17:29:43Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "### Impact\n\nAffected SwiftNIO systems are vulnerable to request smuggling attacks, in which they parse a given HTTP message differently from other network parties, potentially seeing a different number of requests than other servers. This can lead to failures of authentication, routing, and other issues.\n\nThis vulnerability can be found in the bundled copy of the Node.JS HTTP parser used in the `NIOHTTP1` module.\n\n### Workarounds\n\nNo workaround is available, users must upgrade.\n\n### References\n\nhttps://nodejs.org/en/blog/vulnerability/february-2020-security-releases/#http-request-smuggling-using-malformed-transfer-encoding-header-critical-cve-2019-15605",
"id": "GHSA-mgc4-wqv7-4pxm",
"modified": "2023-05-18T17:29:43Z",
"published": "2023-05-18T17:29:43Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/apple/swift-nio/security/advisories/GHSA-mgc4-wqv7-4pxm"
},
{
"type": "WEB",
"url": "https://github.com/apple/swift-nio/pull/1387"
},
{
"type": "WEB",
"url": "https://github.com/apple/swift-nio/pull/1388"
},
{
"type": "WEB",
"url": "https://github.com/apple/swift-nio/commit/8da5c5a4e6c5084c296b9f39dc54f00be146e0fa"
},
{
"type": "WEB",
"url": "https://github.com/apple/swift-nio/commit/bfde40cac8eca25ce021552513b20ee23fc6e306"
},
{
"type": "WEB",
"url": "https://github.com/apple/swift-nio/commit/df9390006bce7da1b6273f804d3acbbfdfcc6154"
},
{
"type": "WEB",
"url": "https://github.com/apple/swift-nio/commit/f94b22b506e3557cb1b325534fa9bbcd39c90246"
},
{
"type": "PACKAGE",
"url": "https://github.com/apple/swift-nio"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…