CVE-2022-29804

Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows a potential directory traversal attack.


{
  "commit": "9cd1818a7d019c02fa4898b3e45a323e35033290",
  "tree": "582a5c871a2371794f242fce0310a2ebd4f6aabb",
  "parents": [
    "b6bcd0d1352578033eea0490790b6af3bf300b3f"
  ],
  "author": {
    "name": "Yasuhiro Matsumoto",
    "email": "[email protected]",
    "time": "Fri Apr 22 10:07:51 2022 +0900"
  },
  "committer": {
    "name": "Gopher Robot",
    "email": "[email protected]",
    "time": "Tue May 24 21:52:14 2022 +0000"
  },
  "message": "path/filepath: do not remove prefix \".\" when following path contains \":\".\n\nFixes #52476\n\nChange-Id: I9eb72ac7dbccd6322d060291f31831dc389eb9bb\nReviewed-on: https://go-review.googlesource.com/c/go/+/401595\nAuto-Submit: Ian Lance Taylor \u003c[email protected]\u003e\nReviewed-by: Alex Brainman \u003c[email protected]\u003e\nRun-TryBot: Ian Lance Taylor \u003c[email protected]\u003e\nReviewed-by: Ian Lance Taylor \u003c[email protected]\u003e\nReviewed-by: Damien Neil \u003c[email protected]\u003e\nTryBot-Result: Gopher Robot \u003c[email protected]\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "ec9e6d8a1f8616d00f7ca38bf868d54e726507fa",
      "old_mode": 33188,
      "old_path": "src/path/filepath/path.go",
      "new_id": "de7a2c758b1cf5d8e1c0b66db90b69c4f0492f2c",
      "new_mode": 33188,
      "new_path": "src/path/filepath/path.go"
    },
    {
      "type": "modify",
      "old_id": "1456ea737a1efa7d6b14f4682e5e18a3451896a5",
      "old_mode": 33188,
      "old_path": "src/path/filepath/path_test.go",
      "new_id": "a783d6be2838ab7321941bb71958bbe403b253b0",
      "new_mode": 33188,
      "new_path": "src/path/filepath/path_test.go"
    },
    {
      "type": "modify",
      "old_id": "37019210fa0346f8dc6b48abf3166d43e442b3e0",
      "old_mode": 33188,
      "old_path": "src/path/filepath/path_windows_test.go",
      "new_id": "9e6c0ec81d901c147f549d1f458ac63c0ff13523",
      "new_mode": 33188,
      "new_path": "src/path/filepath/path_windows_test.go"
    }
  ]
}

Related news

CVE-2022-30634: [security] Go 1.18.3 and Go 1.17.11 are released

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.

CVE-2021-21285: Docker Engine release notes

In Docker before versions 19.03.15 and 20.10.3, there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.
