OneDev up to 4.0.2 XML Document XmlBuildSpecMigrator.migrate information disclosure


A vulnerability was found in OneDev up to 4.0.2. Affected is the function XmlBuildSpecMigrator.migrate of the component XML Document Handler; the issue is classified as information disclosure (CWE-200). Upgrading to version 4.0.3 eliminates this vulnerability. Applying the patch also eliminates the problem; the patch is available at github.com. Upgrading to the latest version is the recommended protection.

Entry history (one column per revision of this entry; an empty cell means the field was not present in that revision):

| Field | 2021-01-16 09:28 | 2021-02-15 02:36 | 2021-02-15 02:39 |
| --- | --- | --- | --- |
| name | OneDev | OneDev | OneDev |
| version | <=4.0.2 | <=4.0.2 | <=4.0.2 |
| component | XML Document Handler | XML Document Handler | XML Document Handler |
| function | XmlBuildSpecMigrator.migrate | XmlBuildSpecMigrator.migrate | XmlBuildSpecMigrator.migrate |
| cwe | 200 (information disclosure) | 200 (information disclosure) | 200 (information disclosure) |
| risk | 1 | 1 | 1 |
| cvss3_vuldb_av | N | N | N |
| cvss3_vuldb_ac | L | L | L |
| cvss3_vuldb_pr | L | L | L |
| cvss3_vuldb_ui | N | N | N |
| cvss3_vuldb_s | U | U | U |
| cvss3_vuldb_c | L | L | L |
| cvss3_vuldb_i | N | N | N |
| cvss3_vuldb_a | N | N | N |
| cvss3_vuldb_rl | O | O | O |
| cvss3_vuldb_rc | C | C | C |
| url | https://github.com/theonedev/onedev/security/advisories/GHSA-9pph-8gfc-6w2r | https://github.com/theonedev/onedev/security/advisories/GHSA-9pph-8gfc-6w2r | https://github.com/theonedev/onedev/security/advisories/GHSA-9pph-8gfc-6w2r |
| name | Upgrade | Upgrade | Upgrade |
| upgrade_version | 4.0.3 | 4.0.3 | 4.0.3 |
| patch_url | https://github.com/theonedev/onedev/commit/9196fd795e87dab069b4260a3590a0ea886e770f | https://github.com/theonedev/onedev/commit/9196fd795e87dab069b4260a3590a0ea886e770f | https://github.com/theonedev/onedev/commit/9196fd795e87dab069b4260a3590a0ea886e770f |
| cve | CVE-2021-21250 | CVE-2021-21250 | CVE-2021-21250 |
| date | 1610751600 (2021-01-16) | 1610751600 (2021-01-16) | 1610751600 (2021-01-16) |
| cvss2_vuldb_av | N | N | N |
| cvss2_vuldb_ac | L | L | L |
| cvss2_vuldb_ci | P | P | P |
| cvss2_vuldb_ii | N | N | N |
| cvss2_vuldb_ai | N | N | N |
| cvss2_vuldb_rc | C | C | C |
| cvss2_vuldb_rl | OF | OF | OF |
| cvss2_vuldb_au | S | S | S |
| cvss2_vuldb_e | ND | ND | ND |
| cvss3_vuldb_e | X | X | X |
| cvss2_vuldb_basescore | 4.0 | 4.0 | 4.0 |
| cvss2_vuldb_tempscore | 4.0 | 3.5 | 3.5 |
| cvss3_vuldb_basescore | 4.3 | 4.3 | 4.3 |
| cvss3_vuldb_tempscore | 4.3 | 4.1 | 4.1 |
| cvss3_meta_basescore | 4.3 | 4.3 | 5.4 |
| cvss3_meta_tempscore | 4.3 | 4.1 | 5.1 |
| price_0day | $0-$5k | $0-$5k | $0-$5k |
| cve_assigned | | 1608591600 | 1608591600 |
| cve_nvd_summary | | see text below | see text below (identical) |
| confirm_url | | https://github.com/theonedev/onedev/security/advisories/GHSA-9pph-8gfc-6w2r | https://github.com/theonedev/onedev/security/advisories/GHSA-9pph-8gfc-6w2r |
| cvss3_nvd_av | | | N |
| cvss3_nvd_ac | | | L |
| cvss3_nvd_pr | | | L |
| cvss3_nvd_ui | | | N |
| cvss3_nvd_s | | | U |
| cvss3_nvd_c | | | H |
| cvss3_nvd_i | | | N |
| cvss3_nvd_a | | | N |
| cvss2_nvd_av | | | N |
| cvss2_nvd_ac | | | L |
| cvss2_nvd_au | | | S |
| cvss2_nvd_ci | | | P |
| cvss2_nvd_ii | | | N |
| cvss2_nvd_ai | | | N |
| cve_cna | | | GitHub, Inc. |
| cvss2_nvd_basescore | | | 4.0 |
| cvss3_nvd_basescore | | | 6.5 |

cve_nvd_summary (added in the 2021-02-15 02:36 revision and unchanged in the 02:39 revision):

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which may lead to arbitrary file read. When BuildSpec is provided in XML format, the spec is processed by XmlBuildSpecMigrator.migrate(buildSpecString); which processes the XML document without preventing the expansion of external entities. These entities can be configured to read arbitrary files from the file system and dump their contents in the final XML document to be migrated. If the files are dumped in properties included in the YAML file, it will be possible for an attacker to read them. If not, it is possible for an attacker to exfiltrate the contents of these files Out Of Band. This issue was addressed in 4.0.3 by ignoring ENTITY instructions in xml file.
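The NVD summary states that the build spec was parsed without preventing external entity expansion and that 4.0.3 fixed this by ignoring ENTITY instructions; the linked commit is not reproduced on this page. The following Java snippet is an added example of the standard JAXP hardening for this class of bug, not OneDev's own code or patch: it rejects any DOCTYPE outright (which also removes every ENTITY declaration) and disables external entities, external DTD loading and XInclude. The class name `SafeBuildSpecParser`, the `parseBuildSpec` method and the two sample build-spec strings are constructed for the example.

```java
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;
import java.io.StringReader;

public class SafeBuildSpecParser {

    // Hardened factory: a DOCTYPE (and therefore any ENTITY declaration) is a fatal
    // parse error, external general/parameter entities are never resolved, no external
    // DTD is fetched, XInclude is off and entity references are not expanded.
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    // Parses an XML build spec supplied as a string (the shape of input the advisory
    // describes). Returns the DOM on success and null when the parser rejects the
    // document, e.g. because it carries a DOCTYPE.
    static Document parseBuildSpec(String buildSpecString) throws Exception {
        DocumentBuilder builder = hardenedFactory().newDocumentBuilder();
        try {
            return builder.parse(new InputSource(new StringReader(buildSpecString)));
        } catch (SAXParseException e) {
            // The JDK's built-in Xerces reports the disallowed DOCTYPE as a fatal error.
            System.err.println("build spec rejected: " + e.getMessage());
            return null;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a plain spec with no DOCTYPE is accepted.
        String plain = "<build-spec><job name=\"ci\"/></build-spec>";
        // Constructed sample: a harmless internal entity is enough to trigger the
        // DOCTYPE rejection, so the probe never needs to reference any file.
        String withDoctype =
            "<!DOCTYPE build-spec [<!ENTITY probe \"x\">]><build-spec>&probe;</build-spec>";

        System.out.println("plain accepted:   " + (parseBuildSpec(plain) != null));
        System.out.println("doctype accepted: " + (parseBuildSpec(withDoctype) != null));
    }
}
```

Rejecting the DOCTYPE is stricter than the "ignore ENTITY instructions" wording in the summary, and it is the configuration to prefer when the input format has no legitimate use for a DTD: it cannot be bypassed by a parameter-entity trick because the declaration block is never processed at all. The same probe document (a DOCTYPE with a harmless internal entity) is a convenient regression test for any XML entry point after an upgrade.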
