CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H
AI Score
Confidence
High
EPSS
Percentile
9.1%
The implementations of the following functions were determined to include a use-after-free bug:
FetchEvent.client.tlsCipherOpensslName
FetchEvent.client.tlsProtocol
FetchEvent.client.tlsClientCertificate
FetchEvent.client.tlsJA3MD5
FetchEvent.client.tlsClientHello
CacheEntry.prototype.userMetadata of the fastly:cache subsystem
Device.lookup of the fastly:device subsystem
This bug could allow for an unintended data leak if the result of the preceding functions were sent anywhere else, and often results in a Compute service crash causing an HTTP 500 error to be returned. As all requests to Compute are isolated from one another, the only data at risk is data present for a single request.
This bug has been fixed in version 3.16.0 of the @fastly/js-compute package.
There are no workarounds for this bug: any use of the affected functions introduces the possibility of a data leak or crash in guest code.
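As an added example (not from the advisory or the @fastly/js-compute project), a small JavaScript audit helper that flags an installed @fastly/js-compute version below the fixed release 3.16.0 and reports which of the functions listed above a source file references. The file name and the sample handler are constructed; the version passed in should be the resolved one from the lockfile or node_modules, not a range from package.json.

```javascript
// Added audit helper (constructed for this advisory, not Fastly's own code).
// Flags an installed @fastly/js-compute version below the fixed release
// 3.16.0 and reports which of the affected APIs a source file references.
const FIXED_VERSION = "3.16.0";
const AFFECTED_APIS = [
  "tlsCipherOpensslName", "tlsProtocol", "tlsClientCertificate",
  "tlsJA3MD5", "tlsClientHello", "userMetadata", "Device.lookup",
];

// Parse "major.minor.patch" (ignoring a leading "v" and any pre-release
// or build suffix) into three numbers.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(v.trim());
  if (!m) throw new Error(`unrecognised version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Numeric comparison of two versions: -1, 0 or 1.
function compareVersions(a, b) {
  const [pa, pb] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// True when the resolved version predates the fix. Use the version from the
// lockfile or node_modules, not a "^3.x" range from package.json.
function isVulnerableVersion(v) {
  return compareVersions(v, FIXED_VERSION) < 0;
}

// Heuristic textual scan for the affected API names; returns those found.
function findAffectedUsages(source) {
  return AFFECTED_APIS.filter((name) => source.includes(name));
}

// Combine both checks over a map of { filename: source text }.
function audit(installedVersion, sources) {
  const usages = Object.entries(sources).flatMap(([file, text]) =>
    findAffectedUsages(text).map((api) => `${file}: ${api}`));
  return { version: installedVersion, vulnerableVersion: isVulnerableVersion(installedVersion), usages };
}

// Constructed sample input: a pre-fix version and a handler that reads tlsProtocol.
const sampleSources = {
  "src/index.js": 'addEventListener("fetch", (e) => e.respondWith(new Response(e.client.tlsProtocol)));',
};
console.log(audit("3.15.0", sampleSources));
```

The name scan is a heuristic and can report a match on an unrelated identifier; treat its output as a list of places to review, while the version check alone decides whether an upgrade is required.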