CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2022-32210
https://notcve.org/view.php?id=CVE-2022-32210
`Undici.ProxyAgent` never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually sent via plain-text HTTP between Undici and the proxy server. "Undici.ProxyAgent" nunca verifica el certificado del servidor remoto, y siempre expone todos los datos de petición y respuesta al proxy. Esto significa inesperadamente que los proxies pueden MitM todo el tráfico HTTPS, y si la URL del proxy es HTTP entonces también significa que las peticiones nominalmente HTTPS son realmente enviadas por medio de texto plano HTTP entre Undici y el servidor proxy • https://github.com/nodejs/undici/security/advisories/GHSA-pgw7-wx7w-2w33 https://hackerone.com/reports/1583680 • CWE-295: Improper Certificate Validation •
CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-32223
https://notcve.org/view.php?id=CVE-2022-32223
Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability. Node.js es vulnerable a un Flujo de Ejecución de Secuestro: Secuestro de DLL bajo determinadas condiciones en plataformas Windows. Esta vulnerabilidad puede ser explotada si la víctima presenta las siguientes dependencias en una máquina Windows:* OpenSSL ha sido instalada y "C:\Program Files\Common Files\SSL\openssl.cnf" se presenta. Siempre que sean dadas las condiciones anteriores, "node.exe" buscará "providers.dll" en el directorio actual del usuario. Después, "node.exe" intentará buscar "providers.dll" mediante el orden de búsqueda de DLL en Windows. • https://hackerone.com/reports/1447455 https://nodejs.org/en/blog/vulnerability/july-2022-security-releases https://security.netapp.com/advisory/ntap-20220915-0001 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 1CVE-2022-32222
https://notcve.org/view.php?id=CVE-2022-32222
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3. Se presenta una vulnerabilidad criptográfica en Node.js en linux en versiones 18.x anteriores a 18.40.0, que permitía una ruta por defecto para openssl.cnf que podría ser accesible en algunas circunstancias para un usuario no administrador en lugar de /etc/ssl como era el caso en las versiones anteriores a la actualización a OpenSSL 3 • https://hackerone.com/reports/1695596 • CWE-310: Cryptographic Issues CWE-427: Uncontrolled Search Path Element •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 1CVE-2022-32214 – nodejs: HTTP request smuggling due to improper delimiting of header fields
https://notcve.org/view.php?id=CVE-2022-32214
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). El parser llhttp anteriores a la versión v14.20.1, anteriores a la versión v16.17.1 y anteriores a la versión v18.9.1 del módulo http en Node.js no utiliza estrictamente la secuencia CRLF para delimitar las peticiones HTTP. Esto puede llevar a un contrabando de peticiones HTTP (HRS) A vulnerability was found in NodeJS due to the llhttp parser in the http module not strictly using the CRLF sequence to delimit HTTP requests. This issue can lead to HTTP Request Smuggling (HRS). • https://hackerone.com/reports/1524692 https://nodejs.org/en/blog/vulnerability/july-2022-security-releases https://www.debian.org/security/2023/dsa-5326 https://access.redhat.com/security/cve/CVE-2022-32214 https://bugzilla.redhat.com/show_bug.cgi?id=2105428 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.5EPSS: 1%CPEs: 16EXPL: 1CVE-2022-32215 – nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding
https://notcve.org/view.php?id=CVE-2022-32215
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). El parser llhttp anteriores a la versión v14.20.1, anteriores a la versión v16.17.1 y anteriores a la versión v18.9.1 del módulo http en Node.js no maneja correctamente las cabeceras Transfer-Encoding de varias líneas. Esto puede llevar al contrabando de solicitudes HTTP (HRS) A vulnerability was found in NodeJS due to the llhttp parser in the HTTP module incorrectly handling multi-line Transfer-Encoding headers. This issue can lead to HTTP Request Smuggling (HRS). • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf https://hackerone.com/reports/1501679 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY https://nodejs.org/en/blog/vulnerability/july-2022-security-releases • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •