CVE-2021-3907

Опубликовано: 11 нояб. 2021

Источник: nvd

CVSS3: 7.4

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on.

Ссылки

https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959
Third Party Advisory
https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh
Third Party Advisory
https://www.debian.org/security/2021/dsa-5033
Third Party Advisory
https://www.debian.org/security/2022/dsa-5041
Third Party Advisory
https://github.com/cloudflare/cfrpki/security/advisories/GHSA-3jhm-87m6-x959
Third Party Advisory
https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh
Third Party Advisory
https://www.debian.org/security/2021/dsa-5033
Third Party Advisory
https://www.debian.org/security/2022/dsa-5041
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cloudflare:octorpki:*:*:*:*:*:*:*:*

Версия до 1.3.0 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01474

Низкий

7.4 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20

CWE-22

Связанные уязвимости

CVE-2021-3907

CVSS3: 7.4

ubuntu

около 4 лет назад

CVE-2021-3907

CVSS3: 7.4

debian

около 4 лет назад

OctoRPKI does not escape a URI with a filename containing "..", this a ...

GHSA-cqh2-vc2f-q4fh

CVSS3: 7.4

github

около 4 лет назад

Arbitrary filepath traversal via URI injection

EPSS

Процентиль: 81%

0.01474

Низкий

7.4 High

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-20

CWE-22