{ "threat_severity" : "Moderate", "public_date" : "2023-01-31T00:00:00Z", "bugzilla" : { "description" : "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", "id" : "2165824", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, "cvss3" : { "cvss3_base_score" : "7.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-1333", "details" : [ "This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.", "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server." ], "statement" : "The impact of a succesfull exploiation of this vulnerability will only lead to a denial of service of the system,furthermore the exploitation will require an attacker to specifically craft a regular expression patterns in request headers (i.e. nontrivial input) that trigger pathological regex behavior but since most systems will have limits on header sizes or input validation that reduce the risk of triggering the extreme pathological regex cases which is why this has been marked as moderate.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-04-04T00:00:00Z", "advisory" : "RHSA-2023:1582", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "nodejs:16-8070020230314140722.bd1311ed" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-04-04T00:00:00Z", "advisory" : "RHSA-2023:1583", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "nodejs:18-8070020230322080930.bd1311ed" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-04-12T00:00:00Z", "advisory" : "RHSA-2023:1743", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "nodejs:14-8070020230306170042.bd1311ed" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date" : "2023-03-30T00:00:00Z", "advisory" : "RHSA-2023:1533", "cpe" : "cpe:/a:redhat:rhel_eus:8.4", "package" : "nodejs:14-8040020230306170312.522a0ee4" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date" : "2023-04-12T00:00:00Z", "advisory" : "RHSA-2023:1742", "cpe" : "cpe:/a:redhat:rhel_eus:8.6", "package" : "nodejs:14-8060020230306170237.ad008a3a" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2654", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "nodejs:18-9020020230327152102.rhel9" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-05-09T00:00:00Z", "advisory" : "RHSA-2023:2655", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "nodejs-1:16.19.1-1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date" : "2023-10-09T00:00:00Z", "advisory" : "RHSA-2023:5533", "cpe" : "cpe:/a:redhat:rhel_eus:9.0", "package" : "nodejs-1:16.20.2-1.el9_0" }, { "product_name" : "Red Hat Migration Toolkit for Containers 1.7", "release_date" : "2023-03-23T00:00:00Z", "advisory" : "RHSA-2023:1428", "cpe" : "cpe:/a:redhat:rhmt:1.7::el8", "package" : "rhmtc/openshift-migration-ui-rhel8:v1.7.8-5" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2023-04-12T00:00:00Z", "advisory" : "RHSA-2023:1744", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-nodejs14-0:3.6-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2023-04-12T00:00:00Z", "advisory" : "RHSA-2023:1744", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-nodejs14-nodejs-0:14.21.3-2.el7" }, { "product_name" : "RHINT Service Registry 2.4.3 GA", "release_date" : "2023-06-27T00:00:00Z", "advisory" : "RHSA-2023:3815", "cpe" : "cpe:/a:redhat:service_registry:2.4", "package" : "http-cache-semantics" } ], "package_state" : [ { "product_name" : "Migration Toolkit for Virtualization", "fix_state" : "Affected", "package_name" : "migration-toolkit-virtualization/mtv-ui-rhel8", "cpe" : "cpe:/a:redhat:migration_toolkit_virtualization:2" }, { "product_name" : ".NET 6.0 on Red Hat Enterprise Linux", "fix_state" : "Out of support scope", "package_name" : "rh-dotnet60-dotnet", "cpe" : "cpe:/a:redhat:rhel_dotnet:6.0" }, { "product_name" : "OpenShift Service Mesh 2", "fix_state" : "Affected", "package_name" : "openshift-service-mesh/kiali-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2" }, { "product_name" : "OpenShift Service Mesh 2.1", "fix_state" : "Affected", "package_name" : "openshift-service-mesh/kiali-rhel8", "cpe" : "cpe:/a:redhat:service_mesh:2.1" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Affected", "package_name" : "rhacm2/console-rhel8", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Not affected", "package_name" : "rhacm2/search-api-rhel8", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Not affected", "package_name" : "advanced-cluster-security/rhacs-central-db-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-docs-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-main-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-rhel8-operator", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-roxctl-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Decision Manager 7", "fix_state" : "Not affected", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:jboss_enterprise_brms_platform:7" }, { "product_name" : "Red Hat Discovery 1", "fix_state" : "Affected", "package_name" : "discovery-server-container", "cpe" : "cpe:/a:redhat:discovery:1" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "cockpit", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "cockpit-appstream", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:rhel8/cockpit-podman", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "dotnet6.0", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "dotnet6.0", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Out of support scope", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat Integration Camel K 1", "fix_state" : "Not affected", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:integration:1" }, { "product_name" : "Red Hat JBoss Data Grid 7", "fix_state" : "Out of support scope", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:jboss_data_grid:7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 6", "fix_state" : "Out of support scope", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7", "fix_state" : "Not affected", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Not affected", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:jbosseapxp" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "fix_state" : "Out of support scope", "package_name" : "openshift3/ose-console", "cpe" : "cpe:/a:redhat:openshift:3.11" }, { "product_name" : "Red Hat Openshift Container Storage 4", "fix_state" : "Out of support scope", "package_name" : "ocs4/mcg-core-rhel8", "cpe" : "cpe:/a:redhat:openshift_container_storage:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "noobaa-core-container", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Affected", "package_name" : "odf4/mcg-core-rhel8", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Affected", "package_name" : "devspaces/code-rhel8", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Affected", "package_name" : "devspaces/dashboard-rhel8", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Out of support scope", "package_name" : "devspaces-theia-endpoint-rhel8-container", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Out of support scope", "package_name" : "devspaces-theia-rhel8-container", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Affected", "package_name" : "rhosdt/jaeger-all-in-one-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat OpenShift distributed tracing 2", "fix_state" : "Affected", "package_name" : "rhosdt/jaeger-query-rhel8", "cpe" : "cpe:/a:redhat:openshift_distributed_tracing:2" }, { "product_name" : "Red Hat Single Sign-On 7", "fix_state" : "Not affected", "package_name" : "http-cache-semantics", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-25881\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-25881" ], "name" : "CVE-2022-25881", "csaw" : false }