CVE-2022-29167

{"id": "CVE-2022-29167", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.8}]}, "published": "2022-05-05T23:15:09.083", "references": [{"url": "https://github.com/mozilla/hawk/pull/286", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/mozilla/hawk/security/advisories/GHSA-44pw-h2cw-w3vq", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-1333"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse `Host` HTTP header (`Hawk.utils.parseHost()`), which was subject to regular expression DoS attack - meaning each added character in the attacker's input increases the computation time exponentially. `parseHost()` was patched in `9.0.1` to use built-in `URL` class to parse hostname instead. `Hawk.authenticate()` accepts `options` argument. If that contains `host` and `port`, those would be used instead of a call to `utils.parseHost()`."}, {"lang": "es", "value": "Hawk es un esquema de autenticaci\u00f3n HTTP que proporciona mecanismos para realizar peticiones HTTP autenticadas con verificaci\u00f3n criptogr\u00e1fica parcial de la petici\u00f3n y la respuesta, cubriendo el m\u00e9todo HTTP, el URI de la petici\u00f3n, el host y, opcionalmente, la carga \u00fatil de la petici\u00f3n. Hawk usaba una expresi\u00f3n regular para analizar el encabezado HTTP \"Host\" (\"Hawk.utils.parseHost()\"), que estaba sujeta a un ataque DoS de expresi\u00f3n regular - lo que significa que cada car\u00e1cter a\u00f1adido en la entrada del atacante aumenta el tiempo de c\u00e1lculo exponencialmente. ParseHost()\" ha sido corregido en versi\u00f3n \"9.0.1\" para usar la clase \"URL' incorporada para analizar el nombre de host. Hawk.authenticate()\" acepta el argumento \"options\". Si \u00e9ste contiene \"host\" y \"port\", ser\u00e1n usadas en lugar de una llamada a \"utils.parseHost()\""}], "lastModified": "2023-07-21T16:42:53.857", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:hawk:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "52944D80-ECF3-4739-B338-91E50E563870", "versionEndExcluding": "9.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}