CVE-2023-26103

Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s*,s*/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/denoland/deno/blob/2b247be517d789a37e532849e2e40b724af0918f/ext/http/01_http.js%23L395-L409	Broken Link
https://github.com/denoland/deno/commit/cf06a7c7e672880e1b38598fe445e2c50b4a9d06	Patch
https://github.com/denoland/deno/pull/17722	Patch
https://github.com/denoland/deno/releases/tag/v1.31.0	Release Notes
https://security.snyk.io/vuln/SNYK-RUST-DENO-3315970	Exploit Technical Description Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:deno:deno:*:*:*:*:*:*:*:*

History

07 Nov 2023, 04:09

Type	Values Removed	Values Added
Summary	Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s,s/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server.	Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s,s/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server.

Information

Published : 2023-02-25 05:15

Updated : 2024-02-28 19:51

NVD link : CVE-2023-26103

Mitre link : CVE-2023-26103

CVE.ORG link : CVE-2023-26103

JSON object : View

Products Affected

deno

deno

CWE

CWE-1333

Inefficient Regular Expression Complexity

{"id": "CVE-2023-26103", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2023-02-25T05:15:12.343", "references": [{"url": "https://github.com/denoland/deno/blob/2b247be517d789a37e532849e2e40b724af0918f/ext/http/01_http.js%23L395-L409", "tags": ["Broken Link"], "source": "report@snyk.io"}, {"url": "https://github.com/denoland/deno/commit/cf06a7c7e672880e1b38598fe445e2c50b4a9d06", "tags": ["Patch"], "source": "report@snyk.io"}, {"url": "https://github.com/denoland/deno/pull/17722", "tags": ["Patch"], "source": "report@snyk.io"}, {"url": "https://github.com/denoland/deno/releases/tag/v1.31.0", "tags": ["Release Notes"], "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-RUST-DENO-3315970", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "report@snyk.io"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-1333"}]}, {"type": "Secondary", "source": "report@snyk.io", "description": [{"lang": "en", "value": "CWE-1333"}]}], "descriptions": [{"lang": "en", "value": "Versions of the package deno before 1.31.0 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the upgradeWebSocket function, which contains regexes in the form of /s*,s*/, used for splitting the Connection/Upgrade header. A specially crafted Connection/Upgrade header can be used to significantly slow down a web socket server.\r\r"}], "lastModified": "2023-11-07T04:09:20.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:deno:deno:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFFBE1A2-4130-4E48-B807-89F14A2D0CE4", "versionEndExcluding": "1.31.0"}], "operator": "OR"}]}], "sourceIdentifier": "report@snyk.io"}