GHSA-xvv9-5j67-3rpq

Source

https://github.com/advisories/GHSA-xvv9-5j67-3rpq

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/08/GHSA-xvv9-5j67-3rpq/GHSA-xvv9-5j67-3rpq.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-xvv9-5j67-3rpq

Aliases

CVE-2023-40274

Related

CGA-632x-xm85-9vjh

Published

2023-08-14T03:30:32Z

Modified

2023-11-08T04:13:20.333462Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

zola Path Traversal vulnerability

Details

An issue was discovered in zola 0.13.0 through 0.17.2. The custom implementation of a web server, available via the "zola serve" command, allows directory traversal. The handle_request function, used by the server to process HTTP requests, does not account for sequences of special path control characters (../) in the URL when serving a file, which allows one to escape the webroot of the server and read arbitrary files from the filesystem.

Database specific

{
    "severity": "HIGH",
    "github_reviewed_at": "2023-08-14T21:33:07Z",
    "cwe_ids": [
        "CWE-22"
    ],
    "nvd_published_at": "2023-08-14T01:15:47Z",
    "github_reviewed": true
}

References

Affected packages

crates.io / zola

Package

Name: zola; View open source insights on deps.dev
Purl: pkg:cargo/zola

Affected ranges

Type: SEMVER
Events: Introduced

0.13.0

Last affected

0.17.2

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/08/GHSA-xvv9-5j67-3rpq/GHSA-xvv9-5j67-3rpq.json"