CVE-2021-41150 – tough

Package

Manager: cargo
Name: tough
Vulnerable Version: >=0 <0.12.0

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

EPSS: 0.00524 pctl0.66036

Details

Improper sanitization of delegated role names ### Impact The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is cached or loaded, files ending with the .json extension could be overwritten with role metadata anywhere on the system. AWS would like to thank https://github.com/jku for reporting this issue. ### Patches A fix is available in version 0.12.0. ### Workarounds No workarounds to this issue are known. ### References https://github.com/theupdateframework/python-tuf/security/advisories/GHSA-wjw6-2cqr-j4qr

Metadata

Created: 2021-10-19T20:16:26Z
Modified: 2021-10-19T18:06:09Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/10/GHSA-r56q-vv3c-6g9c/GHSA-r56q-vv3c-6g9c.json
CWE IDs: ["CWE-22"]
Alternative ID: GHSA-r56q-vv3c-6g9c
Finding: F063
Auto approve: 1