GHSA-9h6h-9g78-86f7 – github.com/fkie-cad/yapscan

Package

Manager: go
Name: github.com/fkie-cad/yapscan
Vulnerable Version: >=0.18.0 <0.19.1

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: N/A pctlN/A

Details

Yapscan's report receiver server vulnerable to path traversal and log injection ### Impact If you make use of the **report receiver server** (experimental), a client may be able to forge requests such that arbitrary files on the host can be overwritten (subject to permissions of the yapscan server), leading to loss of data. This is particularly problematic if you do not authenticate clients and/or run the server with elevated permissions. ### Patches Vulnerable versions: - v0.18.0 - v0.19.0 (unreleased) This problem is patched in version v0.19.1 ### Workarounds Update to the newer version is highly encouraged! Measures to reduce the risk of this include authenticating clients (see `--client-ca` flag) and containerization of the yapscan server. ### References The tracking issue is #35. There you can find the commits, fixing the issue.

Metadata

Created: 2022-12-29T01:50:20Z
Modified: 2022-12-29T01:50:20Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/12/GHSA-9h6h-9g78-86f7/GHSA-9h6h-9g78-86f7.json
CWE IDs: ["CWE-117", "CWE-22", "CWE-73"]
Alternative ID: N/A
Finding: F063
Auto approve: 1