{"containers": {"cna": {"affected": [{"product": "https://github.com/nodejs/node", "vendor": "n/a", "versions": [{"status": "affected", "version": "Fixed in 10.24.0, 12.21.0, 14.16.0, 15.10.0"}]}], "descriptions": [{"lang": "en", "value": "Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes \u201clocalhost6\u201d. When \u201clocalhost6\u201d is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the \u201clocalhost6\u201d domain. As long as the attacker uses the \u201clocalhost6\u201d domain, they can still apply the attack described in CVE-2018-7160."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-350", "description": "Reliance on Reverse DNS Resolution for a Security-Critical Action (CWE-350)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-08T14:08:07", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/1069487"}, {"tags": ["x_refsource_MISC"], "url": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/"}, {"tags": ["x_refsource_MISC"], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160"}, {"name": "FEDORA-2021-a760169c3c", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/"}, {"name": "FEDORA-2021-f6bd75e9d4", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/"}, {"name": "FEDORA-2021-6aaba80ba2", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210416-0001/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210723-0001/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "support@hackerone.com", "ID": "CVE-2021-22884", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "https://github.com/nodejs/node", "version": {"version_data": [{"version_value": "Fixed in 10.24.0, 12.21.0, 14.16.0, 15.10.0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes \u201clocalhost6\u201d. When \u201clocalhost6\u201d is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the \u201clocalhost6\u201d domain. As long as the attacker uses the \u201clocalhost6\u201d domain, they can still apply the attack described in CVE-2018-7160."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Reliance on Reverse DNS Resolution for a Security-Critical Action (CWE-350)"}]}]}, "references": {"reference_data": [{"name": "https://hackerone.com/reports/1069487", "refsource": "MISC", "url": "https://hackerone.com/reports/1069487"}, {"name": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/", "refsource": "MISC", "url": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/"}, {"name": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160", "refsource": "MISC", "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160"}, {"name": "FEDORA-2021-a760169c3c", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/"}, {"name": "FEDORA-2021-f6bd75e9d4", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/"}, {"name": "FEDORA-2021-6aaba80ba2", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/"}, {"name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"name": "https://security.netapp.com/advisory/ntap-20210416-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210416-0001/"}, {"name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"name": "https://security.netapp.com/advisory/ntap-20210723-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210723-0001/"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:58:24.766Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/1069487"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160"}, {"name": "FEDORA-2021-a760169c3c", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/"}, {"name": "FEDORA-2021-f6bd75e9d4", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/"}, {"name": "FEDORA-2021-6aaba80ba2", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210416-0001/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20210723-0001/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2021-22884", "datePublished": "2021-03-03T17:37:46", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-08-03T18:58:24.766Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "matchCriteriaId": "0B8440E6-CAF3-456D-A9B4-4EBF33AC3F37", "versionEndExcluding": "10.24.0", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "matchCriteriaId": "4533F19F-C946-4203-8331-0317A0544D96", "versionEndExcluding": "12.21.0", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "matchCriteriaId": "EB0738FA-DE42-4E1A-A67D-4C6357C2D720", "versionEndExcluding": "14.16.0", "versionStartIncluding": "14.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "matchCriteriaId": "E640EA36-17B2-4745-A831-AB8655F3579D", "versionEndExcluding": "15.10.0", "versionStartIncluding": "15.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", "matchCriteriaId": "24B8DB06-590A-4008-B0AB-FCD1401C77C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*", "matchCriteriaId": "058C7C4B-D692-49DE-924A-C2725A8162D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*", "matchCriteriaId": "0F0434A5-F2A1-4973-917C-A95F2ABE97D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*", "matchCriteriaId": "96DD93E0-274E-4C36-99F3-EEF085E57655", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "86305E47-33E9-411C-B932-08C395C09982", "versionEndExcluding": "9.2.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*", "matchCriteriaId": "1FD765AD-DEE4-41C5-9746-A2294D5F21C7", "versionEndIncluding": "8.0.25", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*", "matchCriteriaId": "D04565AE-D092-4AE0-8FEE-0E8114662A1B", "versionEndExcluding": "20.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253", "versionEndExcluding": "1.0.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes \u201clocalhost6\u201d. When \u201clocalhost6\u201d is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the \u201clocalhost6\u201d domain. As long as the attacker uses the \u201clocalhost6\u201d domain, they can still apply the attack described in CVE-2018-7160."}, {"lang": "es", "value": "Node.js versiones anteriores a 10.24.0, 12.21.0, 14.16.0 y 15.10.0, es vulnerable a unos ataques de reenlace de DNS, ya que la lista blanca incluye \u201clocalhost6\u201d. Cuando \u201clocalhost6\u201d no est\u00e1 presente en el archivo /etc/hosts, es solo un dominio ordinario que es resuelto por medio de DNS, es decir, a trav\u00e9s de la red. Si el atacante controla el servidor DNS de la v\u00edctima o puede falsificar sus respuestas, la protecci\u00f3n de reenlace de DNS se puede omitir usando el dominio \"localhost6\". Siempre que el atacante use el dominio \"localhost6\", a\u00fan puede aplicar el ataque descrito en el CVE-2018-7160"}], "id": "CVE-2021-22884", "lastModified": "2023-11-07T03:30:27.843", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-03-03T18:15:14.957", "references": [{"source": "support@hackerone.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"}, {"source": "support@hackerone.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://hackerone.com/reports/1069487"}, {"source": "support@hackerone.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7/"}, {"source": "support@hackerone.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG/"}, {"source": "support@hackerone.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ/"}, {"source": "support@hackerone.com", "tags": ["Patch", "Release Notes", "Vendor Advisory"], "url": "https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/"}, {"source": "support@hackerone.com", "tags": ["Patch", "Release Notes", "Vendor Advisory"], "url": "https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/#node-js-inspector-dns-rebinding-vulnerability-cve-2018-7160"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210416-0001/"}, {"source": "support@hackerone.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210723-0001/"}, {"source": "support@hackerone.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "support@hackerone.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"source": "support@hackerone.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-350"}], "source": "support@hackerone.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2021:0734", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:12-8030020210302104621.229f0a1c", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-03-04T00:00:00Z"}, {"advisory": "RHSA-2021:0735", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:10-8030020210225164533.229f0a1c", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-03-04T00:00:00Z"}, {"advisory": "RHSA-2021:0744", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "nodejs:14-8030020210301172147.229f0a1c", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-03-08T00:00:00Z"}, {"advisory": "RHSA-2021:0739", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "nodejs:12-8010020210302113522.c27ad7f8", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-03-08T00:00:00Z"}, {"advisory": "RHSA-2021:0741", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "nodejs:10-8010020210225115101.c27ad7f8", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-03-08T00:00:00Z"}, {"advisory": "RHSA-2021:0738", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "nodejs:10-8020020210225153906.4cda2c84", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-03-08T00:00:00Z"}, {"advisory": "RHSA-2021:0740", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "nodejs:12-8020020210302112530.4cda2c84", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-03-08T00:00:00Z"}, {"advisory": "RHSA-2021:0827", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs10-nodejs-0:10.24.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0830", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs14-nodejs-0:14.16.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0831", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs12-nodejs-0:12.21.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0827", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs10-nodejs-0:10.24.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0830", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs14-nodejs-0:14.16.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0831", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs12-nodejs-0:12.21.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0827", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs10-nodejs-0:10.24.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0830", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs14-nodejs-0:14.16.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0831", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-nodejs12-nodejs-0:12.21.0-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date": "2021-03-15T00:00:00Z"}], "bugzilla": {"description": "nodejs: DNS rebinding in --inspect", "id": "1932024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932024"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-20", "details": ["Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes \u201clocalhost6\u201d. When \u201clocalhost6\u201d is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the \u201clocalhost6\u201d domain. As long as the attacker uses the \u201clocalhost6\u201d domain, they can still apply the attack described in CVE-2018-7160.", "A flaw was found in nodejs. A denial of service is possible when the whitelist includes \u201clocalhost6\u201d. When \u201clocalhost6\u201d is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the \u201clocalhost6\u201d domain. As long as the attacker uses the \u201clocalhost6\u201d domain, they can still apply the attack described in CVE-2018-7160."], "mitigation": {"lang": "en:us", "value": "Ensure that 'localhost6' is part of /etc/hosts.\ne.g.: \n```\n$ grep localhost6 /etc/hosts\n::1 localhost localhost.localdomain localhost6 localhost6.localdomain6\n```"}, "name": "CVE-2021-22884", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "nodejs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Will not fix", "impact": "low", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2021-02-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-22884\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-22884"], "statement": "Red Hat Enterprise Linux ships with `localhost` and `localhost6` defined in `/etc/hosts`, and thus in general, would not be affected by this flaw, with some specific exceptions, such as :\n- `/etc/hosts` is disabled or has its default content (including `localhost6`) removed\n- the inspector is accessed using SSH tunneling from a remote computer that does not have `localhost6` statically defined\nRed Hat Quay from version 3.4 consumes the nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because they don't use the debug option (--inspect) and nodejs is only used at build time [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409", "threat_severity": "Moderate", "upstream_fix": "node 15.10.0, node 14.16.0, node 12.21.0, node 10.24.0"}