[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2021-30638: An Information Disclosure due to insufficient input validation exists
From: "Thiago H. de Paula Figueiredo" <thiagohp () gmail ! com>
Date: 2021-04-27 17:35:20
Message-ID: CAE_88GYP-ZX9=b7LfepVqRZyBeOmGTWRV92BONJCBGkLULcQ3Q () mail ! gmail ! com
[Download RAW message or body]
Description:
Information Exposure vulnerability in context asset handling of Apache
Tapestry allows an attacker to download files inside WEB-INF if using a
specially-constructed URL. This was caused by an incomplete fix for
CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0
version to Apache Tapestry 5.6.3; Apache Tapestry 5.7.0 version and Apache
Tapestry 5.7.1.
Solution:
For Tapestry 5.4.0 to 5.6.3: upgrade to 5.6.4
For Tapestry 5.7.0 and 5.7.1: upgrade to 5.7.2
************ Problem Description ************
An Information Disclosure due to insufficient input validation exists
in Apache Tapestry 5.6.1 and later (latest)
A recent patch for CVE-2020-13953
(
https://github.com/apache/tapestry-5/commit/cf1912291af9146ee86a4aef471ae2ab31d3a28b
)
fails to account for the backslash character in the filtering regex
An attacker is therefore able to list and download web app files from
the WEB-INF and META-INF directory using a crafted payload.
Credit:
This vulnerability was discovered by Kc Udonsi of Trend Micro
--
Thiago
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic