CVE-2022-29180

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-29180
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29180.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-29180
Aliases
Related
Published
2022-05-07T04:15:09Z
Modified
2025-01-15T02:19:59.266976Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This vulnerability was found in-house and we haven't been notified of any potential exploiters. ### Additional notes * Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. * Users running the official Charm Docker images are at minimal risk because the exploit is limited to the containerized filesystem.

References

Affected packages

Git / github.com/charmbracelet/charm

Affected ranges

Type
GIT
Repo
https://github.com/charmbracelet/charm
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
3c90668f955c7ce5ef721e4fc9faee7053232fd3
Fixed
3c90668f955c7ce5ef721e4fc9faee7053232fd3

Affected versions

v0.*

v0.1.0
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.11.0
v0.12.0
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.5.0
v0.5.1
v0.5.2
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v0.9.0
v0.9.1
v0.9.2