Bug 1969359 (CVE-2021-32305)

Summary: CVE-2021-32305 websvn: arbitrary code execution via search parameter
Product: [Other] Security Response Reporter: Marian Rehak <mrehak>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: xavier
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Fixed In Version: websvn 2.6.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-06-08 15:03:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1969360, 1969361    
Bug Blocks:    

Description Marian Rehak 2021-06-08 09:54:18 UTC
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.


Comment 1 Marian Rehak 2021-06-08 09:54:51 UTC
Created websvn tracking bugs for this issue:

Affects: epel-all [bug 1969361]
Affects: fedora-all [bug 1969360]

Comment 2 Xavier Bachelot 2021-06-08 13:13:40 UTC
I'd say only 2.6.0 and 2.6.1 are affected as the vulnerable code was added with https://github.com/websvnphp/websvn/commit/208652884c71bed62e97c445cf25f7ce8899dc41.

Comment 3 Product Security DevOps Team 2021-06-08 15:03:57 UTC
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.

Comment 4 Xavier Bachelot 2021-06-10 10:31:18 UTC
(In reply to Xavier Bachelot from comment #2)
> I'd say only 2.6.0 and 2.6.1 are affected as the vulnerable code was added
> with
> https://github.com/websvnphp/websvn/commit/
> 208652884c71bed62e97c445cf25f7ce8899dc41.

Correction on the above comment: websvn 2.6.1 is _not_ affected, only websvn 2.6.0 is.