Lucene search

Redhat.comRH:CVE-2024-1485

HistoryFeb 13, 2024 - 10:34 p.m.

CVE-2024-1485

2024-02-1322:34:20

redhat.com

access.redhat.com

cve-2024-1485

unauthenticated remote attacker

parsing devfile

malicious archive

cleanup process

file overwrite

file deletion

untrusted sources

8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the parent or plugin keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed.

Mitigation

Limit or block the parsing of devfiles from untrusted sources.

References

bugzilla.redhat.com/show_bug.cgi?id=2264106

github.com/advisories/GHSA-84xv-jfrm-h4gm

github.com/devfile/registry-support/commit/0e44b9ca6d03fac4fc3f77d37656d56dc5defe0d

github.com/devfile/registry-support/pull/197

nvd.nist.gov/vuln/detail/CVE-2024-1485

www.cve.org/CVERecord?id=CVE-2024-1485

8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:H

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Related for RH:CVE-2024-1485