Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS14cmczLWhtZjMtcnZnd80ehg

High EPSS: 0.00432% (0.61737 Percentile) EPSS:
Permalink JSON

Path Traversal in rust-embed

Affected Packages Affected Versions Fixed Versions
cargo:rust-embed < 6.3.0 6.3.0
372 Dependent packages
1,570 Dependent repositories
15,372,596 Downloads total

Affected Version Ranges

All affected versions

0.2.0, 0.3.0, 0.3.2, 0.3.4, 0.3.5, 0.4.0, 0.5.0, 0.5.1, 0.5.2, 1.0.0, 1.1.0, 1.1.1, 2.0.0, 3.0.0, 3.0.1, 3.0.2, 4.0.0, 4.1.0, 4.2.0, 4.3.0, 4.4.0, 4.5.0, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.1.0, 5.2.0, 5.3.0, 5.4.0, 5.5.0, 5.5.1, 5.6.0, 5.7.0, 5.8.0, 5.9.0, 6.0.0, 6.0.1, 6.1.0, 6.2.0

All unaffected versions

6.3.0, 6.4.0, 6.4.1, 6.4.2, 6.5.0, 6.6.0, 6.6.1, 6.7.0, 6.8.0, 6.8.1, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.7.1, 8.7.2

When running in debug mode and the debug-embed (off by default) feature is not enabled, the generated get method does not check that the input path is a child of the folder given.

This allows attackers to read arbitrary files in the file system if they have control over the filename given. The following code will print the contents of your /etc/passwd if adjusted with a correct number of ../s depending on where it is run from.

References:

Identifiers

GHSA-xrg3-hmf3-rvgw

CVE-2021-45712

Risk

Severity

High

EPSS

EPSS Percentage: 0.00432

EPSS Percentile: 0.61737

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/pyros2097/rust-embed

Date and time

Published

over 3 years ago

Updated

about 2 years ago

API

JSON