CVE-2020-26279 - OpenCVE

go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG. This is fixed in version 0.8.0-rc1.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Protocol	Go-ipfs

Configuration 1 [-]

cpe:2.3:a:protocol:go-ipfs:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/ipfs/go-ipfs/commit/b7ddba7fe47dee5b1760b8ffe897908417e577b2
https://github.com/ipfs/go-ipfs/security/advisories/GHSA-27pv-q55r-222g
https://github.com/whyrusleeping/tar-utils/commit/20a61371de5b51380bbdb0c7935b30b0625ac227

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-03-24T20:20:14

Updated: 2024-08-04T15:56:04.169Z

Reserved: 2020-10-01T00:00:00

Link: CVE-2020-26279

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-03-24T21:15:11.037

Modified: 2021-03-27T01:44:10.857

Link: CVE-2020-26279

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "go-ipfs", "vendor": "ipfs", "versions": [{"status": "affected", "version": "< 0.8.0-rc1"}]}], "descriptions": [{"lang": "en", "value": "go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG. This is fixed in version 0.8.0-rc1."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-03-24T20:20:14", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/ipfs/go-ipfs/security/advisories/GHSA-27pv-q55r-222g"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/ipfs/go-ipfs/commit/b7ddba7fe47dee5b1760b8ffe897908417e577b2"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/whyrusleeping/tar-utils/commit/20a61371de5b51380bbdb0c7935b30b0625ac227"}], "source": {"advisory": "GHSA-27pv-q55r-222g", "discovery": "UNKNOWN"}, "title": "Path traversal", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-26279", "STATE": "PUBLIC", "TITLE": "Path traversal"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "go-ipfs", "version": {"version_data": [{"version_value": "< 0.8.0-rc1"}]}}]}, "vendor_name": "ipfs"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG. This is fixed in version 0.8.0-rc1."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/ipfs/go-ipfs/security/advisories/GHSA-27pv-q55r-222g", "refsource": "CONFIRM", "url": "https://github.com/ipfs/go-ipfs/security/advisories/GHSA-27pv-q55r-222g"}, {"name": "https://github.com/ipfs/go-ipfs/commit/b7ddba7fe47dee5b1760b8ffe897908417e577b2", "refsource": "MISC", "url": "https://github.com/ipfs/go-ipfs/commit/b7ddba7fe47dee5b1760b8ffe897908417e577b2"}, {"name": "https://github.com/whyrusleeping/tar-utils/commit/20a61371de5b51380bbdb0c7935b30b0625ac227", "refsource": "MISC", "url": "https://github.com/whyrusleeping/tar-utils/commit/20a61371de5b51380bbdb0c7935b30b0625ac227"}]}, "source": {"advisory": "GHSA-27pv-q55r-222g", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:56:04.169Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/ipfs/go-ipfs/security/advisories/GHSA-27pv-q55r-222g"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/ipfs/go-ipfs/commit/b7ddba7fe47dee5b1760b8ffe897908417e577b2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/whyrusleeping/tar-utils/commit/20a61371de5b51380bbdb0c7935b30b0625ac227"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-26279", "datePublished": "2021-03-24T20:20:14", "dateReserved": "2020-10-01T00:00:00", "dateUpdated": "2024-08-04T15:56:04.169Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:protocol:go-ipfs:*:*:*:*:*:*:*:*", "matchCriteriaId": "38F7F1AA-2127-4624-A9C4-A3F08BFC0C0B", "versionEndIncluding": "0.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "go-ipfs is an open-source golang implementation of IPFS which is a global, versioned, peer-to-peer filesystem. In go-ipfs before version 0.8.0-rc1, it is possible for path traversal to occur with DAGs containing relative paths during retrieval. This can cause files to be overwritten, or written to incorrect output directories. The issue can only occur when a get is done on an affected DAG. This is fixed in version 0.8.0-rc1."}, {"lang": "es", "value": "go-ipfs es una implementaci\u00f3n golang de c\u00f3digo abierto de IPFS, que es un sistema de archivos global, versionado, peer-to-peer. En go-ipfs versiones anteriores a 0.8.0-rc1, es posible que ocurra un salto de ruta con DAG que contengan rutas relativas durante la recuperaci\u00f3n. Esto puede hacer que los archivos se sobrescriban o se escriban en directorios de salida incorrectos. El problema solo puede ocurrir cuando se realiza una obtenci\u00f3n en un DAG afectado. Esto se corrige en la versi\u00f3n 0.8.0-rc1"}], "id": "CVE-2020-26279", "lastModified": "2021-03-27T01:44:10.857", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.8, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-03-24T21:15:11.037", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/ipfs/go-ipfs/commit/b7ddba7fe47dee5b1760b8ffe897908417e577b2"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/ipfs/go-ipfs/security/advisories/GHSA-27pv-q55r-222g"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/whyrusleeping/tar-utils/commit/20a61371de5b51380bbdb0c7935b30b0625ac227"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Primary"}]}