GitHub Advisory Database: GHSA-84XV-JFRM-H4GM
History: Feb 14, 2024 - 12:35 a.m.

registry-support: decompress can delete files outside scope via relative paths

2024-02-14 00:35:42
CWE-23
GitHub Advisory Database
github.com
Tags: registry-support, decompression, vulnerability, remote attacker, .tar archive, relative paths, cleanup process, overwrite, delete, software

CVSS3: 8
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:H

AI Score: 7.8
Confidence: High
EPSS: 0
Percentile: 15.5%

A vulnerability was found in the decompression function of registry-support. An unauthenticated remote attacker can trigger it by tricking a user into opening a specially crafted .tar archive; the cleanup process then follows relative paths taken from the archive and overwrites or deletes files outside the intended extraction directory.
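As an added illustration of the missing check (this is not registry-support's own code), the Go snippet below resolves every tar member name under the extraction directory and rejects any name that still climbs above it, so neither extraction nor a later cleanup pass ever touches an out-of-scope path. The destination path, the member names and the in-memory archive are constructed for the example.

```go
package main

import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"path/filepath"
	"strings"
)

// safeJoin resolves an archive member name under dest. Join re-roots absolute names
// and collapses "..", so anything Rel still reports as climbing above dest is rejected.
func safeJoin(dest, name string) (string, error) {
	target := filepath.Join(dest, name)
	rel, err := filepath.Rel(dest, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("tar entry %q resolves outside %s (CWE-23)", name, dest)
	}
	return target, nil
}

// validateTar returns the names of every entry that would land outside dest. Run it
// before extraction and before any cleanup pass so no out-of-scope path is ever used.
func validateTar(r io.Reader, dest string) (bad []string, err error) {
	tr := tar.NewReader(r)
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			return bad, nil
		} else if err != nil {
			return bad, err
		}
		if _, err := safeJoin(dest, hdr.Name); err != nil {
			bad = append(bad, hdr.Name)
		}
	}
}

// sampleTar builds a constructed in-memory archive (empty members suffice): one
// benign name and one whose relative path climbs out of the extraction directory.
func sampleTar() []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, name := range []string{"devfile.yaml", "../../outside.txt"} {
		tw.WriteHeader(&tar.Header{Name: name, Mode: 0o644})
	}
	tw.Close()
	return buf.Bytes()
}
```

Running validateTar over sampleTar with a destination such as /tmp/registry-extract reports only "../../outside.txt"; the same check also catches prefix look-alikes like "../dest-evil/x" that a naive string prefix test would let through.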

Affected configurations

Vulners node: devfile registry-support, Range <0.0.0-20240206

Vendor: devfile
Product: registry-support
Version: *
CPE: cpe:2.3:a:devfile:registry-support:*:*:*:*:*:*:*:*
