Bug 2270863 (CVE-2024-29180)
| Summary: | CVE-2024-29180 webpack-dev-middleware: lack of URL validation may lead to file leak | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Marco Benatto <mbenatto> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | aarif, aazores, adamevin, adudiak, adupliak, aileenc, akostadi, amasferr, amctagga, aprice, bdettelb, caswilli, chazlett, cmiranda, dfreiber, dhanak, dkenigsb, dkuc, dmayorov, drow, dsimansk, dymurray, eaguilar, ebaron, ecerquei, epacific, eric.wittmann, fdeutsch, fjansen, gmalinko, gparvin, hkataria, ibek, ibolton, janstey, jburrell, jcammara, jcantril, jchui, jhardy, jkang, jlledo, jmatthew, jmitchel, jmontleo, jneedle, jobarker, jpallich, jrokos, jsamir, jshaughn, jsherril, jtanner, jwendell, kaycoth, kholdawa, kingland, kshier, ktsao, kverlaen, lbainbri, mabashia, matzew, mkudlej, mnovotny, mpierce, mvyas, mwringe, nboldt, njean, oezr, omaciel, orabin, oramraz, owatkins, pahickey, pantinor, parichar, pcongius, pdelbell, pierdipi, pjindal, psegedy, rcernich, rguimara, rhaigner, rhuss, rjohnson, rtaniwa, saroy, sdawley, sfroberg, shbose, sidakwo, simaishi, slucidi, smcdonal, smullick, sseago, stcannon, sthirugn, tasato, teagle, tjochec, tkral, twalsh, vkrizan, vkumar, vmugicag, yguenane, zsadeh |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | webpack-dev-middleware 5.3.4, webpack-dev-middleware 6.1.2, webpack-dev-middleware 7.1.0 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2270872, 2275594, 2311122, 2311123, 2311124, 2270864, 2270865, 2270866, 2270867, 2270868, 2270869, 2270870, 2270871, 2275265, 2302847 | ||
| Bug Blocks: | 2270877 | ||
|
Description
Marco Benatto
2024-03-21 21:36:57 UTC
Created cachelib tracking bugs for this issue: Affects: fedora-all [bug 2270864] Created fbthrift tracking bugs for this issue: Affects: fedora-all [bug 2270865] Created golang-github-prometheus tracking bugs for this issue: Affects: epel-7 [bug 2270869] Created h3 tracking bugs for this issue: Affects: fedora-all [bug 2270868] Created mozjs78 tracking bugs for this issue: Affects: fedora-all [bug 2270866] Created seamonkey tracking bugs for this issue: Affects: epel-8 [bug 2270870] Affects: fedora-all [bug 2270867] Upstream commits for this issue: https://github.com/webpack/webpack-dev-middleware/commit/189c4ac7d2344ec132a4689e74dc837ec5be0132 https://github.com/webpack/webpack-dev-middleware/commit/9670b3495da518fe667ff3428c5e4cb9f2f3d353 https://github.com/webpack/webpack-dev-middleware/commit/e10008c762e4d5821ed6990348dabf0d4d93a10e This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.11 Via RHSA-2024:2815 https://access.redhat.com/errata/RHSA-2024:2815 This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.12 Via RHSA-2024:2816 https://access.redhat.com/errata/RHSA-2024:2816 This issue has been addressed in the following products: Red Hat OpenShift GitOps 1.10 Via RHSA-2024:2817 https://access.redhat.com/errata/RHSA-2024:2817 This issue has been addressed in the following products: Red Hat Advanced Cluster Security 4.4 Via RHSA-2024:2941 https://access.redhat.com/errata/RHSA-2024:2941 This issue has been addressed in the following products: MTA-7.0-RHEL-9 MTA-7.0-RHEL-8 Via RHSA-2024:3316 https://access.redhat.com/errata/RHSA-2024:3316 This issue has been addressed in the following products: NETWORK-OBSERVABILITY-1.6.0-RHEL-9 Via RHSA-2024:3868 https://access.redhat.com/errata/RHSA-2024:3868 This issue has been addressed in the following products: MTA-6.2-RHEL-9 MTA-6.2-RHEL-8 Via RHSA-2024:3989 https://access.redhat.com/errata/RHSA-2024:3989 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4.16 Via RHSA-2024:0041 https://access.redhat.com/errata/RHSA-2024:0041 This issue has been addressed in the following products: Red Hat Data Grid Via RHSA-2024:4460 https://access.redhat.com/errata/RHSA-2024:4460 This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.7 Via RHSA-2024:4520 https://access.redhat.com/errata/RHSA-2024:4520 This issue has been addressed in the following products: Red Hat build of Apicurio Registry 2.6.1 GA Via RHSA-2024:4873 https://access.redhat.com/errata/RHSA-2024:4873 This issue has been addressed in the following products: RHODF-4.16-RHEL-9 Via RHSA-2024:6755 https://access.redhat.com/errata/RHSA-2024:6755 This issue has been addressed in the following products: Red Hat Migration Toolkit for Containers 1.8 Via RHSA-2024:7164 https://access.redhat.com/errata/RHSA-2024:7164 This issue has been addressed in the following products: RHODF-4.15-RHEL-9 Via RHSA-2025:8544 https://access.redhat.com/errata/RHSA-2025:8544 This issue has been addressed in the following products: RHODF-4.14-RHEL-9 Via RHSA-2025:8551 https://access.redhat.com/errata/RHSA-2025:8551 |