CVE-2023-49800: Uncontrolled Recursion

December 11, 2023

nuxt-api-party is an open source module to proxy API requests. The library allows the user to send many options directly to ofetch. There is no filter on which options are available. We can abuse the retry logic to cause the server to crash from a stack overflow. fetchOptions are obtained directly from the request body. A malicious user can construct a URL known to not fetch successfully, then set the retry attempts to a high value, this will cause a stack overflow as ofetch error handling works recursively resulting in a denial of service. This issue has been addressed in version 0.22.1. Users are advised to upgrade. Users unable to upgrade should limit ofetch options.

References

github.com/advisories/GHSA-q6hx-3m4p-749h
github.com/johannschopplich/nuxt-api-party/security/advisories/GHSA-q6hx-3m4p-749h
nvd.nist.gov/vuln/detail/CVE-2023-49800

Detect and mitigate CVE-2023-49800 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →