Red Hat Software Collections update for rh-nodejs12-nodejs
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 10 |
| CVE-ID | CVE-2021-3918 CVE-2021-22959 CVE-2021-22960 CVE-2021-37701 CVE-2021-37712 CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2021-44906 CVE-2022-21824 |
| CWE-ID | CWE-94 CWE-444 CWE-22 CWE-295 CWE-297 CWE-400 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
rh-nodejs12-nodejs (Red Hat package) Operating systems & Components / Operating system package or component Red Hat Software Collections Universal components / Libraries / Software for developers |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
1) Code Injection
EUVDB-ID: #VU64034
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3918
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to insufficient sanitization of user-supplied data during the validation of a JSON object. A remote attacker can pass a specially crafted JSON file for validation and execute arbitrary code.
MitigationInstall updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU59233
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-22959
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to preform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests, where the application accepts requests with a space right after the header name before the colon. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
MitigationInstall updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU59234
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-22960
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to preform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests, where the application ignores chunk extensions when parsing the body of chunked requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
MitigationInstall updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Path traversal
EUVDB-ID: #VU58202
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37701
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to overwrite arbitrary files on the system.
The vulnerability exists due to input validation error when extracting tar files that contained both a directory and a symlink with
the same name as the directory, where the symlink and directory names in
the archive entry used backslashes as a path separator on posix
systems. A remote attacker can create a specially crafted archive and overwrite arbitrary files on the system.
Install updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Path traversal
EUVDB-ID: #VU58203
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37712
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when extracting tar files that contained two directories and a symlink
with names containing unicode values that normalized to the same value. A remote attacker can create a specially crafted archive that, when extracted, can overwrite arbitrary files on the system.
Install updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper Certificate Validation
EUVDB-ID: #VU59548
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-44531
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The
vulnerability exists due to insufficient validation of URI Subject
Alternative Names. Node.js accepts arbitrary Subject Alternative Name
(SAN) types, unless a PKI
is specifically defined to use a particular SAN type. A remote attacker
can bypass name-constrained intermediates and perform spoofing attack.
Install updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper validation of certificate with host mismatch
EUVDB-ID: #VU59549
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-44532
CWE-ID:
CWE-297 - Improper Validation of Certificate with Host Mismatch
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper validation of certificates, when converting SANs (Subject Alternative Names) to a string format. A remote attacker can inject special characters into the string and perform spoofing attack.
Install updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Improper Certificate Validation
EUVDB-ID: #VU59550
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-44533
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper validation of certificate subject and issuer fields. A remote attacker can create a certificate with specially crafted multi-value Relative Distinguished Names and perform spoofing attack.
Install updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Resource exhaustion
EUVDB-ID: #VU64030
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-44906
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
MitigationInstall updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Prototype pollution
EUVDB-ID: #VU59551
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-21824
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to the formatting logic of the console.table() function. A remote attacker can send a specially crafted request and assign an empty string to numerical keys of the object prototype.
Install updates from vendor's website.
rh-nodejs12-nodejs (Red Hat package): 12.22.2-1.el7
Red Hat Software Collections: 1 for RHEL 7
External linkshttp://access.redhat.com/errata/RHSA-2022:4914
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
