CVE-2021-23354 - OpenCVE

The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\(([\w_.]+)\)|([1-9]\d*)\$)?([0 +\-\]*)(\*|\d+)?(\.)?(\*|\d+)?[hlL]?([\%bscdeEfFgGioOuxX])/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Adaltas	Printf

Configuration 1 [-]

cpe:2.3:a:adaltas:printf:*:*:*:*:*:node.js:*:*

References

Link	Resource
https://github.com/adaltas/node-printf/issues/31	Exploit Issue Tracking Third Party Advisory
https://github.com/adaltas/node-printf/pull/32	Patch Third Party Advisory
https://snyk.io/vuln/SNYK-JS-PRINTF-1072096	Broken Link

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: snyk

Published: 2021-03-12T00:00:00

Updated: 2021-03-12T15:10:15

Reserved: 2021-01-08T00:00:00

Link: CVE-2021-23354

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-03-12T15:15:14.207

Modified: 2023-08-08T14:22:24.967

Link: CVE-2021-23354

JSON object: View

Redhat Information

No data.

CWE

CWE-1333

{"containers": {"cna": {"affected": [{"product": "printf", "vendor": "n/a", "versions": [{"lessThan": "0.6.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Yeting Li"}], "datePublic": "2021-03-12T00:00:00", "descriptions": [{"lang": "en", "value": "The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\\%(?:\\(([\\w_.]+)\\)|([1-9]\\d*)\\$)?([0 +\\-\\]*)(\\*|\\d+)?(\\.)?(\\*|\\d+)?[hlL]?([\\%bscdeEfFgGioOuxX])/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-03-12T15:10:15", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://snyk.io/vuln/SNYK-JS-PRINTF-1072096"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/adaltas/node-printf/pull/32"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/adaltas/node-printf/issues/31"}], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2021-03-12T15:08:10.668042Z", "ID": "CVE-2021-23354", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "printf", "version": {"version_data": [{"version_affected": "<", "version_value": "0.6.1"}]}}]}, "vendor_name": "n/a"}]}}, "credit": [{"lang": "eng", "value": "Yeting Li"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\\%(?:\\(([\\w_.]+)\\)|([1-9]\\d*)\\$)?([0 +\\-\\]*)(\\*|\\d+)?(\\.)?(\\*|\\d+)?[hlL]?([\\%bscdeEfFgGioOuxX])/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)"}]}]}, "references": {"reference_data": [{"name": "https://snyk.io/vuln/SNYK-JS-PRINTF-1072096", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-PRINTF-1072096"}, {"name": "https://github.com/adaltas/node-printf/pull/32", "refsource": "MISC", "url": "https://github.com/adaltas/node-printf/pull/32"}, {"name": "https://github.com/adaltas/node-printf/issues/31", "refsource": "MISC", "url": "https://github.com/adaltas/node-printf/issues/31"}]}}}}, "cveMetadata": {"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2021-23354", "datePublished": "2021-03-12T00:00:00", "dateReserved": "2021-01-08T00:00:00", "dateUpdated": "2021-03-12T15:10:15", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adaltas:printf:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "355FBD56-0D7A-4DB1-9517-BAD18C121E39", "versionEndExcluding": "0.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\\%(?:\\(([\\w_.]+)\\)|([1-9]\\d*)\\$)?([0 +\\-\\]*)(\\*|\\d+)?(\\.)?(\\*|\\d+)?[hlL]?([\\%bscdeEfFgGioOuxX])/g in lib/printf.js. The vulnerable regular expression has cubic worst-case time complexity."}, {"lang": "es", "value": "El paquete printf versiones anteriores a 0.6.1, es vulnerable a una Denegaci\u00f3n de Servicio de Expresi\u00f3n Regular (ReDoS) por medio de la cadena de expresiones regulares /\\%(?:\\(([\\w_.]+)\\)|([1-9]\\d*)\\$)?([0+\\ -\\]*)(\\* |\\d+)?(\\.)? (\\*|\\D+)? [HlL]?([\\% BscdeEfFgGioOuxX])/g en la biblioteca lib/printf.js. La expresi\u00f3n regular vulnerable tiene una complejidad de tiempo en el peor de los casos c\u00fabica"}], "id": "CVE-2021-23354", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "report@snyk.io", "type": "Secondary"}]}, "published": "2021-03-12T15:15:14.207", "references": [{"source": "report@snyk.io", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/adaltas/node-printf/issues/31"}, {"source": "report@snyk.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/adaltas/node-printf/pull/32"}, {"source": "report@snyk.io", "tags": ["Broken Link"], "url": "https://snyk.io/vuln/SNYK-JS-PRINTF-1072096"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1333"}], "source": "nvd@nist.gov", "type": "Primary"}]}