CVE-2021-22918

Description

Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().

CVSS Metrics

• v3.1•MEDIUM•Score: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
• v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.72%• Percentile: 73%

Techniques & Countermeasures

• CWE-125•Out-of-bounds Read

  The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

• nodejs•node

  ≥ 4.0, < 4.* | ≥ 5.0, < 5.* | ≥ 6.0, < 6.* | ≥ 7.0, < 7.* | ≥ 8.0, < 8.* | ≥ 9.0, < 9.* | ≥ 10.0, < 10.* | ≥ 11.0, < 11.* | ≥ 12.0, < 12.22.2 | ≥ 13.0, < 13.* | ≥ 14.0, < 14.17.2 | ≥ 15.0, < 15.* | ≥ 16.0, < 16.4.1

• nodejs•node.js

  ≥ 12.0.0, < 12.22.2 | ≥ 14.0.0, < 14.17.2 | ≥ 16.0.0, < 16.4.1

• siemens•sinec_infrastructure_network_services

  < 1.0.1.1

References (5)

• https://hackerone.com/reports/1209681
• https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/
• https://security.netapp.com/advisory/ntap-20210805-0003/
• https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
• https://security.gentoo.org/glsa/202401-23