5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
35.7%
Hawk is an HTTP authentication scheme providing mechanisms for making
authenticated HTTP requests with partial cryptographic verification of the
request and response, covering the HTTP method, request URI, host, and
optionally the request payload. Hawk used a regular expression to parse
Host
HTTP header (Hawk.utils.parseHost()
), which was subject to regular
expression DoS attack - meaning each added character in the attacker’s
input increases the computation time exponentially. parseHost()
was
patched in 9.0.1
to use built-in URL
class to parse hostname instead.
Hawk.authenticate()
accepts options
argument. If that contains host
and port
, those would be used instead of a call to utils.parseHost()
.
github.com/mozilla/hawk/commit/ade134119bf1fdc4909d00f5a952c966f0075ad3
github.com/mozilla/hawk/pull/286
github.com/mozilla/hawk/security/advisories/GHSA-44pw-h2cw-w3vq
launchpad.net/bugs/cve/CVE-2022-29167
nvd.nist.gov/vuln/detail/CVE-2022-29167
security-tracker.debian.org/tracker/CVE-2022-29167
ubuntu.com/security/notices/USN-6116-1
www.cve.org/CVERecord?id=CVE-2022-29167
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
35.7%