Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01d3Z2LXE1ZnYtMjM4OM4AAwqh
hyper-staticfile's location header incorporates user input, allowing open redirect
When hyper-staticfile performs a redirect for a directory request (e.g. a request for `/dir` that redirects to `/dir/`), the `Location` header value was derived from user input (the request path), simply appending a slash. The intent was to perform an origin-relative redirect, but specific inputs allowed performing a scheme-relative redirect instead.
An attacker could craft a special URL that would appear to be for the correct domain, but immediately redirects to a malicious domain. Such a URL can benefit phishing attacks, for example an innocent looking link in an email.
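The flaw described above, as an added illustration (not hyper-staticfile's own code): a directory redirect whose `Location` value is the raw request path plus a slash, beside a hardened variant that collapses leading slashes so the target is always origin-relative. The hardening shown is an assumed mitigation for illustration; the crate's actual change is in the referenced fix commits.

```rust
// Added example, not code from the hyper-staticfile project.
// `request_path` is the path component of the incoming request as the
// server sees it (always beginning with '/' for a well-formed request).

/// Vulnerable form: appends "/" to the raw request path. A request for
/// "//evil.example" yields "//evil.example/", which a browser treats as a
/// scheme-relative URL and follows to a different host.
pub fn location_vulnerable(request_path: &str) -> String {
    format!("{}/", request_path)
}

/// Hardened form (assumed mitigation): collapse any run of leading slashes
/// to exactly one, so the value is "/..." and can never read as "//host/...".
pub fn location_hardened(request_path: &str) -> String {
    let trimmed = request_path.trim_start_matches('/');
    if trimmed.is_empty() {
        "/".to_string()
    } else {
        format!("/{}/", trimmed)
    }
}

/// Defensive check a server can run before emitting the header: an
/// origin-relative redirect target starts with exactly one '/'.
pub fn is_origin_relative(location: &str) -> bool {
    location.starts_with('/') && !location.starts_with("//")
}

fn main() {
    // Constructed sample request paths: a benign directory request and
    // two that exploit the scheme-relative form.
    for path in ["/dir", "//evil.example", "///evil.example/x"] {
        let v = location_vulnerable(path);
        let h = location_hardened(path);
        println!(
            "{:<20} vulnerable={:<22} origin_relative={}",
            path, v, is_origin_relative(&v)
        );
        println!(
            "{:<20} hardened  ={:<22} origin_relative={}",
            "", h, is_origin_relative(&h)
        );
    }
}
```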
Permalink: https://github.com/advisories/GHSA-5wvv-q5fv-2388
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01d3Z2LXE1ZnYtMjM4OM4AAwqh
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 1 year ago
Updated: about 1 year ago
Identifiers: GHSA-5wvv-q5fv-2388
References:
- https://github.com/stephank/hyper-staticfile/commit/4db4afb811c553bc3d54a01a9985b9e6dfc5a115
- https://github.com/stephank/hyper-staticfile/commit/f12cadc6666c6f555d29725f5bc45da2103f24ea
- https://rustsec.org/advisories/RUSTSEC-2022-0072.html
- https://github.com/advisories/GHSA-5wvv-q5fv-2388
Affected Packages
cargo:hyper-staticfile
Dependent packages: 24
Dependent repositories: 48
Downloads: 300,202 total
Affected Version Ranges: >= 0.10.0-alpha.1, < 0.10.0-alpha.5, < 0.9.4
Fixed in: 0.10.0-alpha.5, 0.9.4
All affected versions: 0.1.0, 0.1.1, 0.2.0, 0.3.0, 0.3.1, 0.4.0, 0.4.1, 0.4.2, 0.5.0, 0.5.1, 0.5.2, 0.5.3, 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.9.1, 0.9.2, 0.9.3, 0.10.0-alpha.1, 0.10.0-alpha.2, 0.10.0-alpha.3, 0.10.0-alpha.4
All unaffected versions: 0.9.4, 0.9.5, 0.10.0