CVE-2021-22918
Published 2021-07-12
Priority: P339 · medium · 5.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS: 23.13% (97.5th percentile)
Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libuv1 | < libuv1 1.40.0-2 (bookworm) | libuv1 1.40.0-2 (bookworm) |
| msrc | azl3_pytorch_2.2.2-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_pytorch_2.2.2-7_on_azure_linux_3.0 | — | — |
| msrc | cm1_nodejs_14.17.2-1_on_cbl_mariner_1.0 | — | — |
| nodejs | node | >= 10.0 < 10.* | 10.* |
| nodejs | node | >= 11.0 < 11.* | 11.* |
| nodejs | node | >= 12.0 < 12.22.2 | 12.22.2 |
| nodejs | node | >= 13.0 < 13.* | 13.* |
| nodejs | node | >= 14.0 < 14.17.2 | 14.17.2 |
| nodejs | node | >= 15.0 < 15.* | 15.* |
| nodejs | node | >= 16.0 < 16.4.1 | 16.4.1 |
| nodejs | node | >= 4.0 < 4.* | 4.* |
| nodejs | node | >= 5.0 < 5.* | 5.* |
| nodejs | node | >= 6.0 < 6.* | 6.* |
| nodejs | node | >= 7.0 < 7.* | 7.* |
| nodejs | node | >= 8.0 < 8.* | 8.* |
| nodejs | node | >= 9.0 < 9.* | 9.* |
| nodejs | node.js | >= 12.0.0 < 12.22.2 | 12.22.2 |
| nodejs | node.js | >= 14.0.0 < 14.17.2 | 14.17.2 |
| nodejs | node.js | >= 16.0.0 < 16.4.1 | 16.4.1 |
| siemens | sinec_infrastructure_network_services | < 1.0.1.1 | 1.0.1.1 |
CVSS provenance
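| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | | 5.3 | MEDIUM | |
| vendor_debian | | 5.3 | MEDIUM | |
| vendor_msrc | | 5.3 | MEDIUM | |
| vendor_redhat | | 5.3 | MEDIUM | |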
GHSA
Out-of-Bounds Read in Node.js
ghsa_unreviewed·2021-07-13
CVE-2021-22918 [HIGH] CWE-125 Out-of-Bounds Read in Node.js
OSV
CVE-2021-22918: Node
osv·2021-07-12·CVSS 5.3
CVE-2021-22918 [MEDIUM] CVE-2021-22918: Node
CISA ICS
Siemens SINEC INS
cisa_ics·2022-03-10·CVSS 5.9
[MEDIUM] Siemens SINEC INS
ICS Advisory
Last Revised: March 10, 2022
Alert Code: ICSA-22-069-09
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC INS
- Vulnerability: Using Components with Known Vulnerabilities
## 2. RISK EVALUATION
Successful exploitation of this vulnerability in third-party components could allow an attacker to interfere with the affected product in various ways.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
Siemens reports this vulnerability affects the following SINEC INS (Infrastructure Netw
Microsoft
vendor_msrc·2021-07-13·CVSS 5.3
CVE-2021-22918 [MEDIUM] CWE-125
Node.js before 16.4.1 14.17.2 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency
Ubuntu
libuv vulnerability
vendor_ubuntu·2021-07-07
CVE-2021-22918 libuv vulnerability
Title: libuv vulnerability
Summary: libuv could be made to crash or expose sensitive information if it received a specially crafted input.
Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes
vendor_redhat·2021-07-01·CVSS 5.3
CVE-2021-22918 [MEDIUM] CWE-125 libuv: out-of-bounds read in uv__idna_toascii() can lead to information disclosures or crashes
A flaw has been found in libuv. Node.js is vulnerable to out-of-bounds read in libuv's uv__idna_toascii() function which is used to convert strings to ASCII which is called by Node's DNS module's lookup() function and can lead to information disclosures or crashes. The highest threat from this vulnerability is to syst
Debian
CVE-2021-22918: libuv1 - Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read w...
vendor_debian·2021·CVSS 5.3
CVE-2021-22918 [MEDIUM] CVE-2021-22918: libuv1 - Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read w...
Scope: local
bookworm: resolved (fixed in 1.40.0-2)
bullseye: resolved (fixed in 1.40.0-2)
forky: resolved (fixed in 1.40.0-2)
sid: resolved (fixed in 1.40.0-2)
trixie: resolved (fixed in 1.40.0-2)
No detection rules found.
No public exploits indexed.
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://hackerone.com/reports/1209681
- https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
- https://security.gentoo.org/glsa/202401-23
- https://security.netapp.com/advisory/ntap-20210805-0003/