| id: GO-2022-0248 |
| modules: |
| - module: github.com/cloudflare/cfrpki |
| versions: |
| - fixed: 1.4.4 |
| vulnerable_at: 1.4.2 |
| packages: |
| - package: github.com/cloudflare/cfrpki/validator/pki |
| symbols: |
| - ExtractPathManifest |
| derived_symbols: |
| - SimpleManager.Explore |
| - SimpleManager.ExploreAdd |
| - Validator.AddManifest |
| - Validator.AddResource |
| summary: Directory traversal in manifest path extraction in github.com/cloudflare/cfrpki |
| description: |- |
| Manifest path extraction is vulnerable to directory traversal attacks. |
| |
| The ExtractPathManifest function permits file paths containing relative |
| directory components (".."), permitting files to reference arbitrary locations |
| on the filesystem. |
| published: 2022-07-15T23:07:18Z |
| cves: |
| - CVE-2021-3907 |
| ghsas: |
| - GHSA-cqh2-vc2f-q4fh |
| - GHSA-8459-6rc9-8vf8 |
| related: |
| - GHSA-3jhm-87m6-x959 |
| credits: |
| - Koen van Hove |
| references: |
| - fix: https://github.com/cloudflare/cfrpki/commit/eb9cc4db7b7b79e44f56dfaa959fccdfb2af8284 |
| - fix: https://github.com/cloudflare/cfrpki/commit/a053a808feeb3115c76b6cc263ee55598ce6e8cd |
| review_status: REVIEWED |