Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS00d3BwLXc1cjQtN3Y1ds4AAqwe
Server-Side Request Forgery in charm
We've discovered a vulnerability in which attackers could forge HTTP requests to manipulate the charm
data directory to access or delete anything on the server. This has been patched in https://github.com/charmbracelet/charm/commit/3c90668f955c7ce5ef721e4fc9faee7053232fd3 and is available in release v0.12.1. We recommend that all users running self-hosted charm
instances update immediately.
This vulnerability was found in-house and we haven't been notified of any potential exploiters.
Additional notes
- Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data.
- Users running the official Charm Docker images are at minimal risk because the exploit is limited to the containerized filesystem.
For more information
If you have any questions or comments about this advisory:
- Open a discussion
- Email us at [email protected]
- Chat with us on Slack
Charm热爱开源 • Charm loves open source
Permalink: https://github.com/advisories/GHSA-4wpp-w5r4-7v5vJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS00d3BwLXc1cjQtN3Y1ds4AAqwe
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 2 years ago
Updated: over 1 year ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-4wpp-w5r4-7v5v, CVE-2022-29180
References:
- https://github.com/charmbracelet/charm/security/advisories/GHSA-4wpp-w5r4-7v5v
- https://nvd.nist.gov/vuln/detail/CVE-2022-29180
- https://github.com/charmbracelet/charm/commit/3c90668f955c7ce5ef721e4fc9faee7053232fd3
- https://github.com/advisories/GHSA-4wpp-w5r4-7v5v
Blast Radius: 23.2
Affected Packages
go:github.com/charmbracelet/charm
Dependent packages: 55Dependent repositories: 235
Downloads:
Affected Version Ranges: >= 0.9.0, < 0.12.1
Fixed in: 0.12.1
All affected versions: 0.9.0, 0.9.1, 0.9.2, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.11.0, 0.12.0
All unaffected versions: 0.1.0, 0.2.0, 0.2.1, 0.2.2, 0.2.3, 0.3.0, 0.3.1, 0.4.0, 0.4.1, 0.5.0, 0.5.1, 0.5.2, 0.6.0, 0.7.0, 0.8.0, 0.8.1, 0.8.2, 0.8.3, 0.8.4, 0.8.5, 0.8.6, 0.8.7, 0.12.1, 0.12.2, 0.12.3, 0.12.4, 0.12.5, 0.12.6