CVE-2020-36406

{"id": "CVE-2020-36406", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2021-07-01T03:15:08.000", "references": [{"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25381", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/uwebsockets/OSV-2020-1695.yaml", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/uNetworking/uWebSockets/commit/03fca626a95130ab80f86adada54b29d27242759", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "uWebSockets 18.11.0 and 18.12.0 has a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is \"a minor issue or not even an issue at all\" because the developer of an application (that uses uWebSockets) should not be allowing the large number of triggered topics to accumulate"}, {"lang": "es", "value": "** EN DISPUTA ** uWebSockets versiones 18.11.0 y 18.12.0, presenta un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n uWS::TopicTree::trimTree (llamado desde uWS::TopicTree::unsubscribeAll) NOTA: la posici\u00f3n del proveedor es que esto es \"un problema menor o ni siquiera un problema\" porque el desarrollador de una aplicaci\u00f3n (que utiliza uWebSockets) no deber\u00eda permitir que se acumule el gran n\u00famero de temas activados."}], "lastModified": "2024-08-04T18:15:45.067", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:uwebsockets_project:uwebsockets:18.11.0:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "3AB9BB26-DE76-4B8A-8D56-998171A2F2B0"}, {"criteria": "cpe:2.3:a:uwebsockets_project:uwebsockets:18.12.0:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "58A20B85-0F50-4B08-91F1-4541CA700FD7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}