Vulnerability Description
uWebSockets 18.11.0 and 18.12.0 have a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue or not even an issue at all" because the developer of an application (that uses uWebSockets) should not be allowing the large number of triggered topics to accumulate.
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Uwebsockets Project | Uwebsockets | 18.11.0 |
| Linux | Linux Kernel | - |
Related Weaknesses (CWE)
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25381 (Exploit, Issue Tracking, Patch)
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/uwebsockets/OSV-2020-16 (Third Party Advisory)
- https://github.com/uNetworking/uWebSockets/commit/03fca626a95130ab80f86adada54b2 (Patch, Third Party Advisory)
FAQ
What is CVE-2020-36406?
CVE-2020-36406 is a vulnerability with a CVSS score of 8.8 (HIGH). uWebSockets 18.11.0 and 18.12.0 have a stack-based buffer overflow in uWS::TopicTree::trimTree (called from uWS::TopicTree::unsubscribeAll). NOTE: the vendor's position is that this is "a minor issue o...
How severe is CVE-2020-36406?
CVE-2020-36406 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2020-36406?
Check the references section above for vendor advisories and patch information. Affected products include: uWebSockets (uWebSockets Project) and Linux Kernel (Linux).