CVE-2024-38375

描述

### Impact The implementation of the following functions were determined to include a use-after-free bug: * `FetchEvent.client.tlsCipherOpensslName` * `FetchEvent.client.tlsProtocol` * `FetchEvent.client.tlsClientCertificate` * `FetchEvent.client.tlsJA3MD5` * `FetchEvent.client.tlsClientHello` * `CacheEntry.prototype.userMetadata` of the `fastly:cache` subsystem * `Device.lookup` of the `fastly:device` subsystem This bug could allow for an unintended data leak if the result of the preceding functions were sent anywhere else, and often results in a Compute service crash causing an HTTP 500 error to be returned. As all requests to Compute are isolated from one another, the only data at risk is data present for a single request. ### Patches This bug has been fixed in version 3.16.0 of the `@fastly/js-compute` package. ### Workarounds There are no workarounds for this bug, any use of the affected functions introduces the possibility of a data leak or crash in guest code.

受影響套件(1)

• npm/@fastly/js-compute>= 3.0.0, < 3.16.0

CVSS 分數

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-38375
• PATCHhttps://github.com/fastly/js-compute-runtime
• WEBhttps://github.com/fastly/js-compute-runtime/commit/4e16641ef4e159c4a11b500ac861b8fa8d9ff5d3
• WEBhttps://github.com/fastly/js-compute-runtime/security/advisories/GHSA-mp3g-vpm9-9vqv