Lucene search

GoogleOSV:GHSA-VJ2M-9F5J-MPR5

HistoryJun 07, 2023 - 4:26 p.m.

Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware

2023-06-0716:26:25

Google

osv.dev

vapor

http range request

filemiddleware

denial of service

integer overflow

security patch

swift

web framework

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

57.7%

JSON

Vapor is an HTTP web framework for Swift and middleware is a logic chain between the client and a Vapor route handler. FileMiddleware enables the serving of assets from the Public folder of a project to the client.

Vapor before 4.60.3 is vulnerable to denial of service due to an integer overflow when given invalid range headers while using FileMiddleware. This is patched in 4.60.3.

References

github.com/vapor/vapor

github.com/vapor/vapor/commit/953a349b539b3e0d3653585c8ffb50c427986df1

github.com/vapor/vapor/releases/tag/4.60.3

github.com/vapor/vapor/security/advisories/GHSA-vj2m-9f5j-mpr5

nvd.nist.gov/vuln/detail/CVE-2022-31005

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

57.7%

JSON

Related for OSV:GHSA-VJ2M-9F5J-MPR5