Bug 2105426 (CVE-2022-32215)
| Summary: | CVE-2022-32215 nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Sage McTaggart <amctagga> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | hhorak, jorton, mrunge, mvanderw, nodejs-maint, nodejs-sig, sgallagh, thrcka, zsvetlik |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | nodejs 14.20.0, nodejs 16.20.0, nodejs 18.5.0 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS). This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers, causing web cache poisoning, and conducting XSS attacks.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-11-30 08:16:13 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2108509, 2108510, 2108511, 2108071, 2108072, 2108073, 2108074, 2108075, 2108512, 2108513, 2108514, 2108515, 2108516, 2108517, 2109532, 2109585, 2109586, 2109588, 2121020 | ||
| Bug Blocks: | 2105423 | ||
|
Description
Sage McTaggart
2022-07-08 18:45:26 UTC
Created nodejs tracking bugs for this issue: Affects: epel-all [bug 2108509] Affects: fedora-all [bug 2108512] Created nodejs:12/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2108513] Created nodejs:13/nodejs tracking bugs for this issue: Affects: epel-all [bug 2108510] Created nodejs:14/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2108514] Created nodejs:15/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2108515] Created nodejs:16-epel/nodejs tracking bugs for this issue: Affects: epel-all [bug 2108511] Created nodejs:16/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2108516] Created nodejs:18/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2108517] Respective commits: v14: https://github.com/nodejs/node/commit/da0fda0fe81d372e24c0cb11aec37534985708dd v16: https://github.com/nodejs/node/commit/1da22eb48254f8c2d5f3c5865bb9f46e8b09ec60 v18: https://github.com/nodejs/node/commit/f2407748e3be07642d318ceb17366f62f41ddc33 This CVE was fixed by updating bundled dependency to newer version. This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2022:6389 https://access.redhat.com/errata/RHSA-2022:6389 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6448 https://access.redhat.com/errata/RHSA-2022:6448 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6449 https://access.redhat.com/errata/RHSA-2022:6449 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6595 https://access.redhat.com/errata/RHSA-2022:6595 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:6985 https://access.redhat.com/errata/RHSA-2022:6985 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-32215 |