| id: GO-2022-0230 |
| modules: |
| - module: github.com/containernetworking/cni |
| versions: |
| - fixed: 0.8.1 |
| vulnerable_at: 0.8.0 |
| packages: |
| - package: github.com/containernetworking/cni/pkg/invoke |
| symbols: |
| - FindInPath |
| derived_symbols: |
| - DelegateAdd |
| - DelegateCheck |
| - DelegateDel |
| - RawExec.FindInPath |
| summary: Improper limitation of path name in github.com/containernetworking/cni |
| description: |- |
| The FindInPath function is vulnerable to directory traversal attacks, |
| potentially permitting attackers to execute arbitrary binaries. |
| |
| This function does not sanitize its plugin parameter, so parameter names |
| containing "../" or other such elements may reference arbitrary locations on the |
| filesystem. |
| published: 2022-07-01T20:17:57Z |
| cves: |
| - CVE-2021-20206 |
| ghsas: |
| - GHSA-xjqr-g762-pxwp |
| references: |
| - fix: https://github.com/containernetworking/cni/pull/808 |
| - web: https://bugzilla.redhat.com/show_bug.cgi?id=1919391 |
| - web: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERNETWORKINGCNIPKGINVOKE-1070549 |
| review_status: REVIEWED |