Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-25937: Fix path traversal vulnerability · jarofghosts/glance@8cecfe9

Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in CVE-2018-3715.

CVE
#vulnerability#nodejs

@@ -24,7 +24,7 @@ function Glance(options) {

this.port = options.port

this.hideindex = options.hideindex

this.indices = options.indices

this.dir = path.normalize(options.dir)

this.dir = path.resolve(options.dir)

this.nodot = options.nodot

return this

@@ -72,7 +72,7 @@ Glance.prototype.serveRequest = function Glance$serveRequest(req, res) {

request.response = res

// prevent traversing directories that are parents of the root

if (request.fullPath.slice(0, self.dir.length) !== self.dir) {

if (path.relative(self.dir, request.fullPath).startsWith(‘…’)) {

return self.emit('error’, 403, request, res)

}

@@ -193,10 +193,10 @@ function renderPage(title, body, res) {

function errorTitle(errorCode) {

var mappings = {

'404’: 'File Not Found’,

'403’: 'Forbidden’,

'405’: 'Method Not Allowed’,

'500’: 'Internal Server Error’,

404: 'File Not Found’,

403: 'Forbidden’,

405: 'Method Not Allowed’,

500: 'Internal Server Error’,

}

return mappings[errorCode.toString()]

}

Related news

GHSA-3hjh-5hgx-f5wh: Path traversal vulnerability in glance

Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://security.snyk.io/vuln/npm:glance:20180129).

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda