GSD-2022-31142
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-31142",
"description": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.",
"id": "GSD-2022-31142"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-31142"
],
"details": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.",
"id": "GSD-2022-31142",
"modified": "2023-12-13T01:19:17.486770Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31142",
"STATE": "PUBLIC",
"TITLE": "Potential Timing Attack Vector in @fastify/bearer-auth"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "fastify-bearer-auth",
"version": {
"version_data": [
{
"version_value": "\u003e= 5.0.1, \u003c 7.0.2"
},
{
"version_value": "= 8.0.0"
}
]
}
}
]
},
"vendor_name": "fastify"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208: Observable Timing Discrepancy"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr",
"refsource": "CONFIRM",
"url": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr"
},
{
"name": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4",
"refsource": "MISC",
"url": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4"
},
{
"name": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716",
"refsource": "MISC",
"url": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716"
},
{
"name": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f",
"refsource": "MISC",
"url": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f"
},
{
"name": "https://hackerone.com/reports/1633287",
"refsource": "MISC",
"url": "https://hackerone.com/reports/1633287"
}
]
},
"source": {
"advisory": "GHSA-376v-xgjx-7mfr",
"discovery": "UNKNOWN"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c7.0.2||=8.0.0",
"affected_versions": "All versions before 7.0.2, version 8.0.0",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-203",
"CWE-937"
],
"date": "2022-07-21",
"description": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use `crypto.timingSafeEqual`. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.",
"fixed_versions": [
"7.0.2",
"8.0.1"
],
"identifier": "CVE-2022-31142",
"identifiers": [
"GHSA-376v-xgjx-7mfr",
"CVE-2022-31142"
],
"not_impacted": "All versions starting from 7.0.2 before 8.0.0, all versions after 8.0.0",
"package_slug": "npm/@fastify/bearer-auth",
"pubdate": "2022-07-15",
"solution": "Upgrade to versions 7.0.2, 8.0.1 or above.",
"title": "Observable Discrepancy",
"urls": [
"https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr",
"https://nvd.nist.gov/vuln/detail/CVE-2022-31142",
"https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4",
"https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716",
"https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f",
"https://hackerone.com/reports/1633287",
"https://github.com/advisories/GHSA-376v-xgjx-7mfr"
],
"uuid": "b4f1dd08-4a9a-470c-b49d-b59bbdffddcc"
},
{
"affected_range": "\u003c7.0.2||\u003e=8.0.0 \u003c8.0.1",
"affected_versions": "All versions before 7.0.2, all versions starting from 8.0.0 before 8.0.1",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-203",
"CWE-937"
],
"date": "2022-07-20",
"description": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.",
"fixed_versions": [
"7.0.2",
"8.0.1"
],
"identifier": "CVE-2022-31142",
"identifiers": [
"CVE-2022-31142",
"GHSA-376v-xgjx-7mfr"
],
"not_impacted": "All versions starting from 7.0.2 before 8.0.0, all versions starting from 8.0.1",
"package_slug": "npm/bearer-auth",
"pubdate": "2022-07-14",
"solution": "Upgrade to versions 7.0.2, 8.0.1 or above.",
"title": "Observable Discrepancy",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-31142",
"https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f",
"https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716",
"https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr",
"https://hackerone.com/reports/1633287",
"https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4"
],
"uuid": "f70b692f-59c7-4496-b5ef-979229d84be1"
},
{
"affected_range": "\u003e=5.0.1 \u003c7.0.2",
"affected_versions": "All versions starting from 5.0.1 up to 7.0.1",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-203",
"CWE-937"
],
"date": "2022-07-21",
"description": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use `crypto.timingSafeEqual`. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.",
"fixed_versions": [
"7.0.2"
],
"identifier": "CVE-2022-31142",
"identifiers": [
"GHSA-376v-xgjx-7mfr",
"CVE-2022-31142"
],
"not_impacted": "All versions starting from 7.0.2",
"package_slug": "npm/fastify-bearer-auth",
"pubdate": "2022-07-15",
"solution": "Upgrade to version 7.0.2 or above.",
"title": "Observable Discrepancy",
"urls": [
"https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr",
"https://nvd.nist.gov/vuln/detail/CVE-2022-31142",
"https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4",
"https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716",
"https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f",
"https://hackerone.com/reports/1633287",
"https://github.com/advisories/GHSA-376v-xgjx-7mfr"
],
"uuid": "b7b433b9-b7a4-43db-93d4-15d313118758"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:fastify:bearer-auth:8.0.0:*:*:*:*:node.js:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fastify:bearer-auth:*:*:*:*:*:node.js:*:*",
"cpe_name": [],
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "5.0.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31142"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f"
},
{
"name": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716"
},
{
"name": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr"
},
{
"name": "https://hackerone.com/reports/1633287",
"refsource": "MISC",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://hackerone.com/reports/1633287"
},
{
"name": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-07-20T12:45Z",
"publishedDate": "2022-07-14T19:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…