GHSA-6452-JR93-R5QM
Vulnerability from github – Published: 2022-05-24 16:50 – Updated: 2023-08-25 21:47
Summary
b3log Wide unauthenticated file access
Details
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.
Severity
7.5 (High)
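The second and third attack paths in the Details section are the CWE-59 pattern: a symlink is materialised inside the workspace (from a ZIP entry or a repository object) and later reads or writes follow it to a target outside the workspace. The Go program below is an added illustration of how an unzip routine can be hardened against that pattern; it is not code from the Wide project and does not reproduce the 1.6.0 fix. It builds three small archives in memory with archive/zip (constructed samples: one with a symlink entry, one with a `../` path, one benign), rejects any entry whose mode is a symlink or whose cleaned path leaves the destination, validates every entry before writing anything, and opens output files with O_EXCL so an extracted file never overwrites or follows a path that already exists. ValidateZip, ExtractZip and the Sample*Zip helpers are names chosen for this example.

```go
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// Sentinel errors so callers can tell the two rejection reasons apart.
var (
	ErrSymlinkEntry = errors.New("archive entry is a symlink; refusing to extract")
	ErrPathEscape   = errors.New("archive entry path escapes the destination directory")
)

// checkEntry decides whether one entry may be written under dest and returns
// its absolute target path. Symlink entries are rejected outright: once one is
// extracted, later reads and writes through that name follow it anywhere.
func checkEntry(dest string, f *zip.File) (string, error) {
	if f.Mode()&os.ModeSymlink != 0 {
		return "", ErrSymlinkEntry
	}
	name := filepath.FromSlash(f.Name)
	if filepath.IsAbs(name) {
		return "", ErrPathEscape
	}
	target := filepath.Join(dest, name) // Join also cleans "a/../../x" style names
	rel, err := filepath.Rel(dest, target)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrPathEscape
	}
	return target, nil
}

// ValidateZip checks every entry before anything touches the filesystem, so a
// bad archive is rejected as a whole instead of being half-extracted.
func ValidateZip(data []byte, dest string) error {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil {
		return err
	}
	for _, f := range zr.File {
		if _, err := checkEntry(dest, f); err != nil {
			return fmt.Errorf("entry %q: %w", f.Name, err)
		}
	}
	return nil
}

// ExtractZip validates, then writes regular files only, returning the paths written.
func ExtractZip(data []byte, dest string) ([]string, error) {
	if err := ValidateZip(data, dest); err != nil {
		return nil, err
	}
	zr, _ := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	var written []string
	for _, f := range zr.File {
		target, _ := checkEntry(dest, f) // already validated above
		if f.FileInfo().IsDir() {
			continue // directories are created on demand below
		}
		if err := os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
			return written, err
		}
		rc, err := f.Open()
		if err != nil {
			return written, err
		}
		// O_EXCL: never overwrite, and never follow a path that already exists
		// (a previously planted symlink at this name makes the open fail).
		out, err := os.OpenFile(target, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o644)
		if err != nil {
			rc.Close()
			return written, err
		}
		_, err = io.Copy(out, rc)
		rc.Close()
		out.Close()
		if err != nil {
			return written, err
		}
		written = append(written, target)
	}
	return written, nil
}

type sampleEntry struct {
	name, body string
	symlink    bool // a symlink entry stores its link target as the body
}

// buildZip assembles a constructed in-memory archive for the demonstration.
func buildZip(entries []sampleEntry) []byte {
	var buf bytes.Buffer
	w := zip.NewWriter(&buf)
	for _, e := range entries {
		hdr := &zip.FileHeader{Name: e.name, Method: zip.Deflate}
		if e.symlink {
			hdr.SetMode(os.ModeSymlink | 0o777)
		} else {
			hdr.SetMode(0o644)
		}
		fw, err := w.CreateHeader(hdr)
		if err != nil {
			panic(err)
		}
		fw.Write([]byte(e.body))
	}
	w.Close()
	return buf.Bytes()
}

// Constructed samples, not real-world archives.
func SampleBenignZip() []byte {
	return buildZip([]sampleEntry{{"readme.txt", "hello", false}, {"docs/guide.txt", "guide", false}})
}
func SampleSymlinkZip() []byte {
	return buildZip([]sampleEntry{{"readme.txt", "hello", false}, {"link", "/etc/hostname", true}})
}
func SampleTraversalZip() []byte {
	return buildZip([]sampleEntry{{"../escape.txt", "x", false}})
}

func main() {
	dest, _ := os.MkdirTemp("", "unzip-demo")
	defer os.RemoveAll(dest)
	samples := map[string][]byte{"symlink": SampleSymlinkZip(), "traversal": SampleTraversalZip(), "benign": SampleBenignZip()}
	for name, data := range samples {
		written, err := ExtractZip(data, dest)
		fmt.Printf("%-9s -> files written=%d err=%v\n", name, len(written), err)
	}
}
```

The same two checks apply to the Git import path: a checkout routine should refuse (or at least not dereference) symlink objects under a workspace it later serves, and should reject tree paths that resolve outside it. Note that rejecting symlink entries is the conservative choice; a tool that must support them has to verify at extraction time that each link target resolves inside the destination, and re-verify before every later access.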
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/b3log/wide"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.6.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-13915"
],
"database_specific": {
"cwe_ids": [
"CWE-59",
"CWE-74"
],
"github_reviewed": true,
"github_reviewed_at": "2023-07-14T21:08:41Z",
"nvd_published_at": "2019-07-18T15:15:00Z",
"severity": "HIGH"
},
"details": "b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.",
"id": "GHSA-6452-jr93-r5qm",
"modified": "2023-08-25T21:47:54Z",
"published": "2022-05-24T16:50:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13915"
},
{
"type": "WEB",
"url": "https://github.com/b3log/wide/issues/355"
},
{
"type": "PACKAGE",
"url": "https://github.com/b3log/wide"
},
{
"type": "WEB",
"url": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/arbitrary-file-reads-and-writes/go/sid-20862"
},
{
"type": "WEB",
"url": "https://web.archive.org/web/20190522035724/https://github.com/b3log/wide"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "b3log Wide unauthenticated file access"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.