CVE-2024-34391

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled).

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/libxmljs/libxmljs/issues/645
https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/
https://github.com/libxmljs/libxmljs/issues/645
https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/

Configurations

No configuration.

History

No history.

Information

Published : 2024-05-02 19:15

Updated : 2024-11-25 13:15

NVD link : CVE-2024-34391

Mitre link : CVE-2024-34391

CVE.ORG link : CVE-2024-34391

JSON object : View

Products Affected

No product.

CWE

CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')

{"id": "CVE-2024-34391", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "reefs@jfrog.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2024-05-02T19:15:06.177", "references": [{"url": "https://github.com/libxmljs/libxmljs/issues/645", "source": "reefs@jfrog.com"}, {"url": "https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/", "source": "reefs@jfrog.com"}, {"url": "https://github.com/libxmljs/libxmljs/issues/645", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://research.jfrog.com/vulnerabilities/libxmljs-attrs-type-confusion-rce-jfsa-2024-001033988/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "reefs@jfrog.com", "description": [{"lang": "en", "value": "CWE-843"}]}, {"type": "Primary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-843"}]}], "descriptions": [{"lang": "en", "value": "libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled)."}, {"lang": "es", "value": "libxmljs es afectada por una vulnerabilidad de confusi\u00f3n de tipos cuando se analiza un XML especialmente manipulado al invocar una funci\u00f3n en el resultado de attrs() que se llam\u00f3 en un nodo analizado. Esta vulnerabilidad podr\u00eda provocar denegaci\u00f3n de servicio (tanto en sistemas de 32 bits como en sistemas de 64 bits), fuga de datos, bucle infinito y ejecuci\u00f3n remota de c\u00f3digo (en sistemas de 32 bits con el indicador XML_PARSE_HUGE habilitado)."}], "lastModified": "2024-11-25T13:15:04.370", "sourceIdentifier": "reefs@jfrog.com"}