Rewterz Threat Alert – Bitter APT Group – Active IOCs
January 2, 2024Rewterz Threat Advisory – Multiple Apple watchOS Vulnerabilities
January 2, 2024Rewterz Threat Alert – Bitter APT Group – Active IOCs
January 2, 2024Rewterz Threat Advisory – Multiple Apple watchOS Vulnerabilities
January 2, 2024Severity
Medium
Analysis Summary
CVE-2023-52079
Node.js msgpackr module is vulnerable to a denial of service, caused by an infinite recursion flaw during conversion of property names to strings. By sending a specially crafted MessagePack messages, a remote attacker could exploit this vulnerability to keep the decoder stuck in a loop, and results in a denial of service condition.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-52079
Affected Vendors
Node.js
Affected Products
- Node.js msgpackr 1.10.0
Remediation
Upgrade to the latest version of msgpackr, available from the msgpackr GIT Repository.