icon

We found results for “

CVE-2022-23082

Date: May 31, 2022

Overview

In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path traversal as the function ‘isFileOutsideDir’ fails to sanitize the user input which may lead to path traversal.

Details

In CureKit versions v1.0.1 through v1.1.3 the function ‘isFileOutsideDir fails to sanitize the user input which may allow to malicious actor to exploit this vulnerability and to bypass access restriction to specific path.
We would like to thank Jonathan Leitschuh for bringing this to our attention.

PoC Details

The check ‘usr/outnot’.startsWith(‘/usr/out’) will pass even 'outnot' is not under the 'out' directory

Affected Environments

CureKit versions v1.0.1 through v1.1.3

Prevention

Upgrade to v1.1.4

Language: Java

Good to know:

icon
icon

Path Traversal

CWE-22
icon

Upgrade Version

Upgrade to version io.whitesource:curekit:1.1.4

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): None
Availability (A): None
Base Score:
Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Additional information: