Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-48914
Awaiting Analysis
More InfoOfficial Page
Source-security-advisories@github.com
View Known Exploited Vulnerability (KEV) details
Published At-15 Oct, 2024 | 16:15
Updated At-16 Oct, 2024 | 16:38

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI. Patches are available in versions 3.0.5 and 2.3.3. Some workarounds are also available. One may use object storage rather than the local file system, e.g. MinIO or S3, or define middleware which detects and blocks requests with urls containing `/../`.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-20Primarysecurity-advisories@github.com
CWE-22Primarysecurity-advisories@github.com
CWE ID: CWE-20
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-22
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/vendure-ecommerce/vendure/blob/801980e8f599c28c5059657a9d85dd03e3827992/packages/asset-server-plugin/src/plugin.ts#L352-L358security-advisories@github.com
N/A
https://github.com/vendure-ecommerce/vendure/commit/e2ee0c43159b3d13b51b78654481094fdd4850c5security-advisories@github.com
N/A
https://github.com/vendure-ecommerce/vendure/commit/e4b58af6822d38a9c92a1d8573e19288b8edaa1csecurity-advisories@github.com
N/A
https://github.com/vendure-ecommerce/vendure/security/advisories/GHSA-r9mq-3c9r-fmjqsecurity-advisories@github.com
N/A
Hyperlink: https://github.com/vendure-ecommerce/vendure/blob/801980e8f599c28c5059657a9d85dd03e3827992/packages/asset-server-plugin/src/plugin.ts#L352-L358
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/vendure-ecommerce/vendure/commit/e2ee0c43159b3d13b51b78654481094fdd4850c5
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/vendure-ecommerce/vendure/commit/e4b58af6822d38a9c92a1d8573e19288b8edaa1c
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/vendure-ecommerce/vendure/security/advisories/GHSA-r9mq-3c9r-fmjq
Source: security-advisories@github.com
Resource: N/A
Change History
0Changes found
Details not found