CVE-2023-3040

A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a (merged in PR #14) contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that because this debug function was only used in tests and demos, it was not exploitable in a normal environment.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/cloudflare/lua-resty-json/pull/14	Patch
https://github.com/cloudflare/lua-resty-json/security/advisories/GHSA-h8rp-9622-83pg	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cloudflare:lua-resty-json:*:*:*:*:*:*:*:*

History

28 Jun 2023, 19:16

Type	Values Removed	Values Added
References	~~(MISC) https://github.com/cloudflare/lua-resty-json/security/advisories/GHSA-h8rp-9622-83pg -~~	(MISC) https://github.com/cloudflare/lua-resty-json/security/advisories/GHSA-h8rp-9622-83pg - Patch, Third Party Advisory
References	~~(MISC) https://github.com/cloudflare/lua-resty-json/pull/14 -~~	(MISC) https://github.com/cloudflare/lua-resty-json/pull/14 - Patch
CWE		CWE-125
First Time		Cloudflare Cloudflare lua-resty-json
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CPE		cpe:2.3:a:cloudflare:lua-resty-json::::::::

14 Jun 2023, 12:54

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-14 12:15

Updated : 2023-12-10 15:01

NVD link : CVE-2023-3040

Mitre link : CVE-2023-3040

CVE.ORG link : CVE-2023-3040

JSON object : View

Products Affected

cloudflare

lua-resty-json

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2023-3040", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cna@cloudflare.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.2}]}, "published": "2023-06-14T12:15:09.730", "references": [{"url": "https://github.com/cloudflare/lua-resty-json/pull/14", "tags": ["Patch"], "source": "cna@cloudflare.com"}, {"url": "https://github.com/cloudflare/lua-resty-json/security/advisories/GHSA-h8rp-9622-83pg", "tags": ["Patch", "Third Party Advisory"], "source": "cna@cloudflare.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}, {"type": "Secondary", "source": "cna@cloudflare.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a (merged in PR #14) contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that because this debug function was only used in tests and demos, it was not exploitable in a normal environment.\n"}], "lastModified": "2023-06-28T19:16:52.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cloudflare:lua-resty-json:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1AEFCAA-2DCC-4044-A22F-A8B8AC78C595", "versionEndExcluding": "2023-05-05"}], "operator": "OR"}]}], "sourceIdentifier": "cna@cloudflare.com"}