CVE-2020-8252
published 2020-09-18CVE-2020-8252: The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a…
PriorityP338high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.71%
49.0th percentile
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libuv1 | < libuv1 1.39.0-1 (bookworm) | libuv1 1.39.0-1 (bookworm) |
| fedoraproject | fedora | — | — |
| nodejs | node | >= 10.0 < 10.22.1 | 10.22.1 |
| nodejs | node | >= 11.0 < 11.* | 11.* |
| nodejs | node | >= 12.0 < 12.18.4 | 12.18.4 |
| nodejs | node | >= 13.0 < 13.* | 13.* |
| nodejs | node | >= 14.0 < 14.9.0 | 14.9.0 |
| nodejs | node | >= 4.0 < 4.* | 4.* |
| nodejs | node | >= 5.0 < 5.* | 5.* |
| nodejs | node | >= 6.0 < 6.* | 6.* |
| nodejs | node | >= 7.0 < 7.* | 7.* |
| nodejs | node | >= 8.0 < 8.* | 8.* |
| nodejs | node | >= 9.0 < 9.* | 9.* |
| nodejs | node.js | >= 10.0.0 < 10.22.1 | 10.22.1 |
| nodejs | node.js | >= 12.0.0 < 12.18.4 | 12.18.4 |
| nodejs | node.js | >= 14.0.0 < 14.9.0 | 14.9.0 |
| opensuse | leap | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
osv7.8HIGH
vendor_debian7.8LOW
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Hitachi Energy FACTS Control Platform (FCP) Product
cisa_ics·2022-08-30·CVSS 3.7
[LOW] Hitachi Energy FACTS Control Platform (FCP) Product
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Hitachi Energy FACTS Control Platform (FCP) Product
Last RevisedAugust 30, 2022
Alert CodeICSA-22-242-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: FACTS Control Platform (FCP) Product
- Vulnerability: Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate Validation, Observable Discrepancy.
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities may allow an attacker to eavesdrop on the traffic betw
CISA ICS
Hitachi Energy Gateway Station (GWS) Product
cisa_ics·2022-08-30·CVSS 3.7
[LOW] Hitachi Energy Gateway Station (GWS) Product
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Hitachi Energy Gateway Station (GWS) Product
Last RevisedAugust 30, 2022
Alert CodeICSA-22-242-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: Gateway Station (GWS) Product
- Vulnerability: Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate Validation, Observable Discrepancy
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow unauthorized users to eavesdrop on the traffic between netwo
CISA ICS
Hitachi Energy MicroSCADA Pro/X SYS600
cisa_ics·2022-04-21
Hitachi Energy MicroSCADA Pro/X SYS600
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Hitachi Energy MicroSCADA Pro/X SYS600
Last RevisedApril 21, 2022
Alert CodeICSA-22-111-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Hitachi Energy
- Equipment: MicroSCADA Pro/X SYS600
- Vulnerabilities: Observable Discrepancy, HTTP Request Smuggling, Classic Buffer Overflow, Improper Certificate Validation, Improper Restriction of Operations within the Bounds of a Memory Buffer, Exposure of Sensitive Information to an Unauthorized Actor
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities coul
Ubuntu
libuv vulnerability
vendor_ubuntu·2020-09-28
CVE-2020-8252 libuv vulnerability
Title: libuv vulnerability
Summary: libuv could be made to crash or execute arbitrary code if it received a specially
crafted path.
It was discovered that libuv incorrectly handled certain paths.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Red Hat
libuv: buffer overflow in realpath
vendor_redhat·2020-09-15·CVSS 7.8
CVE-2020-8252 [HIGH] CWE-131 libuv: buffer overflow in realpath
libuv: buffer overflow in realpath
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
A flaw has been found in libuv. The realpath() implementation performs an incorrect calculation when allocating a buffer, leading to a potential buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Statement: As shipped in Red Hat Software Collections (nodejs-10 & nodejs-12) as well as Red Hat Enterprise Linux 8 (nodejs-10 and nodejs-12), no incorrect use of the `UV__PATH_MAX` macro were found. Although the releases of libuv contained in these versions of nod
Debian
CVE-2020-8252: libuv1 - The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used ...
vendor_debian·2020·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252: libuv1 - The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used ...
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
Scope: local
bookworm: resolved (fixed in 1.39.0-1)
bullseye: resolved (fixed in 1.39.0-1)
forky: resolved (fixed in 1.39.0-1)
sid: resolved (fixed in 1.39.0-1)
trixie: resolved (fixed in 1.39.0-1)
GHSA
GHSA-c5r6-cm8r-wgh9: The implementation of realpath in libuv < 10
ghsa_unreviewed·2022-05-24
CVE-2020-8252 [CRITICAL] CWE-120 GHSA-c5r6-cm8r-wgh9: The implementation of realpath in libuv < 10
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
OSV
CVE-2020-8252: The implementation of realpath in libuv < 10
osv·2020-09-18·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252: The implementation of realpath in libuv < 10
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-8252 nodejs:12/nodejs: libuv: buffer overflow in realpath [fedora-all]
bugzilla·2020-09-16·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252 nodejs:12/nodejs: libuv: buffer overflow in realpath [fedora-all]
CVE-2020-8252 nodejs:12/nodejs: libuv: buffer overflow in realpath [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versio
Bugzilla
CVE-2020-8252 nodejs:13/nodejs: libuv: buffer overflow in realpath [fedora-all]
bugzilla·2020-09-16·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252 nodejs:13/nodejs: libuv: buffer overflow in realpath [fedora-all]
CVE-2020-8252 nodejs:13/nodejs: libuv: buffer overflow in realpath [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versio
Bugzilla
CVE-2020-8252 libuv: buffer overflow in realpath
bugzilla·2020-09-16·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252 libuv: buffer overflow in realpath
CVE-2020-8252 libuv: buffer overflow in realpath
libuv's realpath() implementation performs an incorrect calculation when allocating a buffer, leading to a potential buffer overflow.
Upstream advisory:
https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/
Discussion:
Upstream MR: https://github.com/libuv/libuv/pull/2966
Introduced in commit: https://github.com/libuv/libuv/commit/b56d279b172fbe78dee2fb1d29cae9c9c5c6d1c4
---
Introduced in upstream release 1.24.0
---
Created nodejs tracking bugs for this issue:
Affects: epel-all [bug 1879335]
Affects: fedora-all [bug 1879336]
Created nodejs:11/nodejs tracking bugs for this issue:
Affects: fedora-all [bug 1879337]
Created nodejs:12/nodejs tracking bugs for this issue:
Affects: fedora-all [bug 1879338]
Cr
Bugzilla
CVE-2020-8252 nodejs:14/nodejs: libuv: buffer overflow in realpath [fedora-all]
bugzilla·2020-09-16·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252 nodejs:14/nodejs: libuv: buffer overflow in realpath [fedora-all]
CVE-2020-8252 nodejs:14/nodejs: libuv: buffer overflow in realpath [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versio
Bugzilla
CVE-2020-8252 nodejs: libuv: buffer overflow in realpath [fedora-all]
bugzilla·2020-09-16·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252 nodejs: libuv: buffer overflow in realpath [fedora-all]
CVE-2020-8252 nodejs: libuv: buffer overflow in realpath [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedo
Bugzilla
CVE-2020-8252 nodejs: libuv: buffer overflow in realpath [epel-all]
bugzilla·2020-09-16·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252 nodejs: libuv: buffer overflow in realpath [epel-all]
CVE-2020-8252 nodejs: libuv: buffer overflow in realpath [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora E
Bugzilla
CVE-2020-8252 nodejs:11/nodejs: libuv: buffer overflow in realpath [fedora-all]
bugzilla·2020-09-16·CVSS 7.8
CVE-2020-8252 [HIGH] CVE-2020-8252 nodejs:11/nodejs: libuv: buffer overflow in realpath [fedora-all]
CVE-2020-8252 nodejs:11/nodejs: libuv: buffer overflow in realpath [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versio
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.htmlhttps://hackerone.com/reports/965914https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/https://security.gentoo.org/glsa/202009-15https://security.netapp.com/advisory/ntap-20201009-0004/https://usn.ubuntu.com/4548-1/http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.htmlhttps://hackerone.com/reports/965914https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/https://security.gentoo.org/glsa/202009-15https://security.netapp.com/advisory/ntap-20201009-0004/https://usn.ubuntu.com/4548-1/
2020-09-18
Published