SUSE update for nodejs20
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2024-24806 CVE-2024-27982 CVE-2024-27983 CVE-2024-30260 CVE-2024-30261 |
| CWE-ID | CWE-918 CWE-444 CWE-617 CWE-200 CWE-345 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
Web and Scripting Module Operating systems & Components / Operating system SUSE Linux Enterprise Server for SAP Applications 15 Operating systems & Components / Operating system SUSE Linux Enterprise Server 15 Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing 15 Operating systems & Components / Operating system openSUSE Leap Operating systems & Components / Operating system corepack20 Operating systems & Components / Operating system package or component nodejs20-docs Operating systems & Components / Operating system package or component nodejs20 Operating systems & Components / Operating system package or component npm20 Operating systems & Components / Operating system package or component nodejs20-devel Operating systems & Components / Operating system package or component nodejs20-debuginfo Operating systems & Components / Operating system package or component nodejs20-debugsource Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU86707
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-24806
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input when handling hostnames longer than 256 characters within the uv_getaddrinfo() function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c. A remote attacker can pass a specially crafted hostname to the application, which can be resolved to an attacker controlled IP address and initiate unauthorized requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationUpdate the affected package nodejs20 to the latest version.
Vulnerable software versionsWeb and Scripting Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
corepack20: before 20.12.1-150500.11.9.2
nodejs20-docs: before 20.12.1-150500.11.9.2
nodejs20: before 20.12.1-150500.11.9.2
npm20: before 20.12.1-150500.11.9.2
nodejs20-devel: before 20.12.1-150500.11.9.2
nodejs20-debuginfo: before 20.12.1-150500.11.9.2
nodejs20-debugsource: before 20.12.1-150500.11.9.2
CPE2.3- cpe:2.3:o:suse:web_and_scripting_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:corepack20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:npm20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241301-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Inconsistent interpretation of HTTP requests
EUVDB-ID: #VU88176
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27982
CWE-ID:
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP request smuggling attacks.
The vulnerability exists due to improper validation of HTTP requests. A remote attacker can send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.
Successful exploitation of vulnerability may allow an attacker to poison HTTP cache and perform phishing attacks.
MitigationUpdate the affected package nodejs20 to the latest version.
Vulnerable software versionsWeb and Scripting Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
corepack20: before 20.12.1-150500.11.9.2
nodejs20-docs: before 20.12.1-150500.11.9.2
nodejs20: before 20.12.1-150500.11.9.2
npm20: before 20.12.1-150500.11.9.2
nodejs20-devel: before 20.12.1-150500.11.9.2
nodejs20-debuginfo: before 20.12.1-150500.11.9.2
nodejs20-debugsource: before 20.12.1-150500.11.9.2
CPE2.3- cpe:2.3:o:suse:web_and_scripting_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:corepack20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:npm20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241301-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Reachable Assertion
EUVDB-ID: #VU88175
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-27983
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion when handling HTTP/2 packets. A remote attacker can send a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside and perform a denial of service (DoS) attack.
Update the affected package nodejs20 to the latest version.
Vulnerable software versionsWeb and Scripting Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
corepack20: before 20.12.1-150500.11.9.2
nodejs20-docs: before 20.12.1-150500.11.9.2
nodejs20: before 20.12.1-150500.11.9.2
npm20: before 20.12.1-150500.11.9.2
nodejs20-devel: before 20.12.1-150500.11.9.2
nodejs20-debuginfo: before 20.12.1-150500.11.9.2
nodejs20-debugsource: before 20.12.1-150500.11.9.2
CPE2.3- cpe:2.3:o:suse:web_and_scripting_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:corepack20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:npm20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241301-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) Information disclosure
EUVDB-ID: #VU88177
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-30260
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the application clears Authorization and Proxy-Authorization headers during cross-origin redirects for the fetch() method, however does not clear them for the undici.request() method, which can leak sensitive information to an unauthorized party.
Update the affected package nodejs20 to the latest version.
Vulnerable software versionsWeb and Scripting Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
corepack20: before 20.12.1-150500.11.9.2
nodejs20-docs: before 20.12.1-150500.11.9.2
nodejs20: before 20.12.1-150500.11.9.2
npm20: before 20.12.1-150500.11.9.2
nodejs20-devel: before 20.12.1-150500.11.9.2
nodejs20-debuginfo: before 20.12.1-150500.11.9.2
nodejs20-debugsource: before 20.12.1-150500.11.9.2
CPE2.3- cpe:2.3:o:suse:web_and_scripting_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:corepack20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:npm20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241301-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Insufficient verification of data authenticity
EUVDB-ID: #VU88178
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-30261
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to the application does not verify authenticity of data. A remote attacker can alter the "integrity" option passed to fetch(), allowing fetch() to accept requests as valid even if they have been tampered.
MitigationUpdate the affected package nodejs20 to the latest version.
Vulnerable software versionsWeb and Scripting Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP5
SUSE Linux Enterprise Server 15: SP5
SUSE Linux Enterprise High Performance Computing 15: SP5
openSUSE Leap: 15.5
corepack20: before 20.12.1-150500.11.9.2
nodejs20-docs: before 20.12.1-150500.11.9.2
nodejs20: before 20.12.1-150500.11.9.2
npm20: before 20.12.1-150500.11.9.2
nodejs20-devel: before 20.12.1-150500.11.9.2
nodejs20-debuginfo: before 20.12.1-150500.11.9.2
nodejs20-debugsource: before 20.12.1-150500.11.9.2
CPE2.3- cpe:2.3:o:suse:web_and_scripting_module:15-SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_for_sap_applications_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_performance_computing_15:SP5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:opensuse_leap:15.5:*:*:*:*:*:*:*
- cpe:2.3:o:suse:corepack20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-docs:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:npm20:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-devel:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debuginfo:*:*:*:*:*:suse_linux:*:*
- cpe:2.3:o:suse:nodejs20-debugsource:*:*:*:*:*:suse_linux:*:*
https://www.suse.com/support/update/announcement/2024/suse-su-20241301-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
