openssl SubjectAlternativeName and ExtendedKeyUsage::other allow arbitrary file read (#1656)

* openssl file disclosure

* Update crates/openssl/RUSTSEC-0000-0000.md

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

---------

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
Paul Kehrer
2023-03-24 10:46:37 +08:00
committed by GitHub
parent f863caf8fd
commit 5a9bbcceed


@@ -0,0 +1,22 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "openssl"
date = "2023-03-24"
url = "https://github.com/sfackler/rust-openssl/pull/1854"
categories = ["file-disclosure"]
[affected]
functions = { "openssl::x509::extension::SubjectAlternativeName::new" = ["< 0.10.48, >=0.9.7"], "openssl::x509::extension::ExtendedKeyUsage::other" = ["< 0.10.48, >=0.9.7"] }
[versions]
patched = [">= 0.10.48"]
```
# `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read
`SubjectAlternativeName` and `ExtendedKeyUsage` arguments were parsed using the OpenSSL
function `X509V3_EXT_nconf`. This function parses all input using an OpenSSL mini-language
which can perform arbitrary file reads.
Thanks to David Benjamin (Google) for reporting this issue.
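Review bot: the advisory body never states under what conditions the file read is reachable; add a sentence that the issue arises when attacker-controlled strings are passed to `SubjectAlternativeName` or `ExtendedKeyUsage::other`, since `X509V3_EXT_nconf` interprets the argument as the OpenSSL configuration mini-language, and that callers should upgrade to the `patched` range (`>= 0.10.48`, the linked PR) or, until then, avoid passing untrusted values to these builders. Minor: the two ranges in `functions` are written `< 0.10.48, >=0.9.7` with inconsistent spacing around the operators; `>= 0.9.7` would match the `patched = [">= 0.10.48"]` style used below.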