charm up to 0.12.0 HTTP Request server-side request forgery

admin, 2022-05-19 21:01:49, Ali_nvd

CVE number

CVE-2022-29180


Exploitation status

None known



Patch status

N/A


Disclosure date

2022-05-07



Vulnerability description

A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend that all users running self-hosted `charm` instances update immediately. This vulnerability was found in-house and we haven't been notified of any potential exploiters.

Additional notes

  • Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data.
  • Users running the official Charm [Docker images](https://github.com/charmbracelet/charm/blob/main/docker.md) are at minimal risk because the exploit is limited to the containerized filesystem.

Remediation advice

We recommend updating your system or software to the latest version to fix this vulnerability.

References


https://github.com/charmbracelet/charm/commit/3c90668f955c7ce5ef721e4fc9faee7...


https://github.com/charmbracelet/charm/security/advisories/GHSA-4wpp-w5r4-7v5v

Affected software

#  Type         Vendor  Product  Version  Impact
1  Application  charm   charm    *        From (including) 0.9.0, up to (excluding) 0.12.1

CVSS3 score

9.8

  • Attack vector: Network
  • Attack complexity: Low
  • Privileges required: None
  • Scope: Unchanged
  • User interaction: None
  • Availability impact: High
  • Confidentiality impact: High
  • Integrity impact: High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-ID / vulnerability type: CWE-918 Server-Side Request Forgery (SSRF)

Posted by admin on 2022-05-19 21:01:49
Please retain this link when reposting: http://zone.ci/archives/aliyun/ali_nvd/2022/05/19/709038.html
