mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-07 04:01:35 +01:00

Files

github-actions[bot] 2b64ec8831 Assigned RUSTSEC-2022-0072 to hyper-staticfile (#1500 )

Co-authored-by: alex <alex@users.noreply.github.com>

2022-12-23 08:57:25 -05:00

973 B

Raw Blame History

[advisory]
id = "RUSTSEC-2022-0072"
package = "hyper-staticfile"
date = "2022-12-23"
url = "https://github.com/stephank/hyper-staticfile/commit/f12cadc6666c6f555d29725f5bc45da2103f24ea"
categories = ["format-injection"]
keywords = ["open redirect", "http"]

[versions]
patched = ["^0.9.4", ">= 0.10.0-alpha.5"]

Location header incorporates user input, allowing open redirect

When hyper-staticfile performs a redirect for a directory request (e.g. a request for /dir that redirects to /dir/), the Location header value was derived from user input (the request path), simply appending a slash. The intent was to perform an origin-relative redirect, but specific inputs allowed performing a scheme-relative redirect instead.

An attacker could craft a special URL that would appear to be for the correct domain, but immediately redirects to a malicious domain. Such a URL can benefit phishing attacks, for example an innocent looking link in an email.

973 B Raw Blame History

Location header incorporates user input, allowing open redirect

973 B

Raw Blame History