Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1xd3JmLWdmcGotcXZqNs4AArBB

Moderate EPSS: 0.00235% (0.46364 Percentile) EPSS:
Permalink JSON

Smokescreen SSRF via deny list bypass (square brackets)

Affected Packages Affected Versions Fixed Versions
go:github.com/stripe/smokescreen < 0.0.4 0.0.4
1 Dependent packages
2 Dependent repositories

Affected Version Ranges

All affected versions

0.0.2, 0.0.3

All unaffected versions

0.0.4

Impact

The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure.

Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. [example.com]).

Recommendation

Upgrade Smokescreen to version 0.0.4 or later.

Acknowledgements

Thanks to Axel Chong for reporting the issue.

For more information

Email us at [email protected]

References:

Identifiers

GHSA-qwrf-gfpj-qvj6

CVE-2022-29188

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00235

EPSS Percentile: 0.46364

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/stripe/smokescreen

Date and time

Published

about 3 years ago

Updated

over 2 years ago

API

JSON