5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
The implementation of the following functions were determined to include a use-after-free bug:
FetchEvent.client.tlsCipherOpensslName
FetchEvent.client.tlsProtocol
FetchEvent.client.tlsClientCertificate
FetchEvent.client.tlsJA3MD5
FetchEvent.client.tlsClientHello
CacheEntry.prototype.userMetadata
of the fastly:cache
subsystemDevice.lookup
of the fastly:device
subsystemThis bug could allow for an unintended data leak if the result of the preceding functions were sent anywhere else, and often results in a Compute service crash causing an HTTP 500 error to be returned. As all requests to Compute are isolated from one another, the only data at risk is data present for a single request.
This bug has been fixed in version 3.16.0 of the @fastly/js-compute
package.
There are no workarounds for this bug, any use of the affected functions introduces the possibility of a data leak or crash in guest code.
CPE | Name | Operator | Version |
---|---|---|---|
@fastly/js-compute | lt | 3.16.0 | |
@fastly/js-compute | ge | 3.0.0 |
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%