CVE - CVE-2022-36007

CVE-ID
CVE-2022-36007	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions `load-file` and `load-resource`. These functions can be limited to load files from a list of load paths. Assuming Venice has been configured with the load paths: `[ "/Users/foo/resources" ]` When passing relative paths to these two vulnerable functions everything is fine: `(load-resource "test.png")` => loads the file "/Users/foo/resources/test.png" `(load-resource "../resources-alt/test.png")` => rejected, outside the load path When passing absolute paths to these two vulnerable functions Venice may return files outside the configured load paths: `(load-resource "/Users/foo/resources/test.png")` => loads the file "/Users/foo/resources/test.png" `(load-resource "/Users/foo/resources-alt/test.png")` => loads the file "/Users/foo/resources-alt/test.png" !!! The latter call suffers from the _Partial Path Traversal_ vulnerability. This issue’s scope is limited to absolute paths whose name prefix matches a load path. E.g. for a load-path `"/Users/foo/resources"`, the actor can cause loading a resource also from `"/Users/foo/resources-alt"`, but not from `"/Users/foo/images"`. Versions of Venice before and including v1.10.17 are affected by this issue. Upgrade to Venice >= 1.10.18, if you are on a version < 1.10.18. There are currently no known workarounds.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://github.com/jlangch/venice/security/advisories/GHSA-4mmh-5vw7-rgvj URL:https://github.com/jlangch/venice/security/advisories/GHSA-4mmh-5vw7-rgvj MISC:https://github.com/jlangch/venice/commit/215ae91bb964013b0a2d70718a692832d561ae0a URL:https://github.com/jlangch/venice/commit/215ae91bb964013b0a2d70718a692832d561ae0a MISC:https://github.com/jlangch/venice/commit/c942c73136333bc493050910f171a48e6f575b23 URL:https://github.com/jlangch/venice/commit/c942c73136333bc493050910f171a48e6f575b23 MISC:https://github.com/jlangch/venice/releases/tag/v1.10.17 URL:https://github.com/jlangch/venice/releases/tag/v1.10.17
Assigning CNA
GitHub (maintainer security advisories)
Date Record Created
20220715	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20220715)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)