Msrc Azl3 Nodejs 20.10.0-2 On Azure Linux 3.0 vulnerabilities

CVE-2024-27982 [MEDIUM] The team has identified a critical vulnerability in the http server of the most recent version of Node where malformed headers can lead to HTTP request smuggling. Specifically if a space is placed bef The team has identified a critical vulnerability in the http server of the most recent version of Node where malformed headers can lead to HTTP request smuggling. Specifically if a space is placed before a content-length header it is not interpreted correctly enabling attack

CVE-2024-4603 [MEDIUM] CWE-606 Excessive time spent checking DSA keys and parameters Excessive time spent checking DSA keys and parameters FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-27983 [HIGH] An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 m An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the

CVE-2024-30260 [LOW] CWE-863 Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch request stream pipeline Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch request stream pipeline FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to

CVE-2024-28182 [MEDIUM] CWE-770 Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage Reading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usage FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most

CVE-2023-6237 [MEDIUM] CWE-606 Excessive time spent checking invalid RSA public keys Excessive time spent checking invalid RSA public keys FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the

CVE-2024-2511 [MEDIUM] CWE-1325 Unbounded memory growth with session handling in TLSv1.3 Unbounded memory growth with session handling in TLSv1.3 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with whi

CVE-2024-30261 [LOW] CWE-284 Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep

CVE-2024-22017 [HIGH] CWE-250 setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped suc setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects a

CVE-2024-22025 [MEDIUM] CWE-404 A vulnerability in Node.js has been identified allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The A vulnerability in Node.js has been identified allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node

CVE-2024-28863 [MEDIUM] CWE-400 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep

CVE-2024-21896 [CRITICAL] CWE-27 The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer the implementation uses Buffer.fr The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer the implementation uses Buffer.from() to obtain a Buffer from the result of path.resolve(). By monk

CVE-2023-42282 [CRITICAL] CWE-918 The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic. The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerabi

CVE-2024-24806 [HIGH] CWE-918 Improper Domain Lookup that potentially leads to SSRF attacks in libuv Improper Domain Lookup that potentially leads to SSRF attacks in libuv FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open

CVE-2024-21891 [HIGH] CWE-22 Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions which can be overwitten with user-defined implementations leading to filesystem permission model Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. This vulnerability affects all

CVE-2024-22019 [HIGH] CWE-404 A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding leading to resource exhaustion and denial of service (DoS). The server reads a A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection exploiting the l

CVE-2024-21892 [HIGH] CWE-94 On Linux Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_ On Linux Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception Node.js

CVE-2024-21890 [MEDIUM] The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This mislea

CVE-2024-24758 [LOW] CWE-200 Proxy-Authorization header not cleared on cross-origin redirect in fetch in Undici Proxy-Authorization header not cleared on cross-origin redirect in fetch in Undici FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secu

CVE-2023-6129 [MEDIUM] CWE-787 POLY1305 MAC implementation corrupts vector registers on PowerPC POLY1305 MAC implementation corrupts vector registers on PowerPC FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source lib