CVE-2022-24822

Description

### Impact An attacker using the `Trailer` header as part of the request against proxy endpoints has the ability to take down the server. All Podium layouts that include podlets with proxy endpoints are affected. ### Patches `@podium/layout` which is the main way developers/users are vulnerable to this exploit, has been patched in version `4.6.110`. All earlier versions are vulnerable. `@podium/proxy` which is the source of the vulnerability and is used by `@podium/layout` has been patched in version `4.2.74`. All earlier versions are vulnerable. ### Workarounds It is not easily possible to work around this issue without upgrading. We recommend upgrading `@podium/layout` and/or `@podium/proxy` as soon as possible. ### For more information If you have any questions or comments about this advisory: * Open an issue in [podium-lib/issues](https://github.com/podium-lib/issues) ### Credits The vulnerability was reported by [krynos](https://hackerone.com/krynos) from [Ercoli Consulting](https://www.ercoliconsulting.eu/) via FINN.no's private bug bounty program

How to fix CVE-2022-24822

To remediate CVE-2022-24822, upgrade the affected package to a fixed version below.

• —upgrade to 4.6.110 or later
• —upgrade to 4.2.74 or later

Is CVE-2022-24822 being exploited?

Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 4.6.110
• from 0, < 4.2.74

CVSS scores

References (6)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-24822
• WEBgithub.com/podium-lib/layout/commit/fe43e655432b0a5f07b6475f67babcc2588fb039
• WEBgithub.com/podium-lib/layout/releases/tag/v4.6.110
• WEBgithub.com/podium-lib/proxy/commit/9698a40df081217ce142d4de71f929baaa339cdf