MEDIUM🇵🇱 Wersja polska

CVE-2024-21631

CVSS 6.5v3.1pub. 2024-01-03upd. 2024-11-21

Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's `vapor_urlparser_parse` function uses `uint16_t` indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs. This vulnerability does not affect Vapor directly but could impact applications relying on the URI type for validating user input. The URI type is used in several places in Vapor. A developer may decide to use URI to represent a URL in their application (especially if that URL is then passed to the HTTP Client) and rely on its public properties and methods. However, URI may fail to properly parse a valid (albeit abnormally long) URL, due to string ranges being converted to 16-bit integers. An attacker may use this behavior to trick the application into accepting a URL to an untrusted destination. By padding the port number with zeros, an attacker can cause an integer overflow to occur when the URL authority is parsed and, as a result, spoof the host. Version 4.90.0 contains a patch for this issue. As a workaround, validate user input before parsing as a URI or, if possible, use Foundation's `URL` and `URLComponents` utilities.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  • Vapor

    APP
    Vapor
    < 4.90.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-31019HIGH7.5ten sam produkt

Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a...

CVE-2022-31005HIGH7.5ten sam produkt

Vapor is an HTTP web framework for Swift. Users of Vapor prior to version 4.60.3 with FileMiddleware enabled a...

CVE-2023-44386MEDIUM5.3ten sam produkt

Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of af...

CVE-2021-37634HIGH7.4ten sam vendor

Leafkit is a templating language with Swift-inspired syntax. Versions prior to 1.3.0 are susceptible to Cross-...

CVE-2026-28499MEDIUM6.9ten sam vendor

LeafKit is a templating language with Swift-inspired syntax. Prior to version 1.14.2, HTML escaping doesn't wo...