fix(security): fix path traversal vulnerability (CVE-2024-10834) #2267

Conversation

@haawha haawha commented Jan 2, 2025

Description

This PR fixes a critical path traversal vulnerability (CVE-2024-10834) in the plugin upload functionality. The vulnerability could allow attackers to write files to arbitrary locations on the filesystem through maliciously crafted filenames.

Changes

  • Added filename sanitization to remove unsafe characters and path components
  • Implemented path validation to prevent directory traversal attempts
  • Added secure temporary file handling with proper cleanup
  • Improved error handling for failed uploads

Security Impact

  • Vulnerability: Path Traversal (CWE-22)
  • CVSS Score: 7.5 (High)
  • Affected Versions: All versions before this fix
  • Fixed Versions: Current PR

Testing

The fix has been tested against:

  • Basic file uploads
  • Filenames with special characters
  • Directory traversal attempts
  • Error cases and cleanup scenarios

Upgrade Instructions

Users should upgrade to this version immediately to prevent potential security exploits.

Related Issues

  • Fixes CVE-2024-10834

Checklist:

  • My code follows the style guidelines of this project
  • I have already rebased the commits and made the commit message conform to the project standard.
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • Any dependent changes have been merged and published in downstream modules

Prevent directory traversal attacks in plugin upload by implementing secure filename validation and path checks.
@github-actions github-actions bot added the fix Bug fixes label Jan 2, 2025
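The four changes listed in the description (strip path components and unsafe characters, verify the resolved path stays inside the plugin directory, write through a temp file, clean up on failure) are a standard pattern for hardening an upload handler. The block below is an added illustration of that pattern and is not the code from this PR or from the eosphoros-ai project; the plugin directory, the `.zip`-only allow-list, the `_SAFE_NAME` character class and the probe filenames are all assumptions made for the example.

```python
import os
import re
import tempfile
from pathlib import Path
from typing import Dict, List, Optional

# Assumption for this example: a plugin upload is a single .zip archive whose
# name is one path component of printable ASCII with no leading dot.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")
_ALLOWED_SUFFIXES = {".zip"}


class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename fails validation."""


def sanitize_filename(raw: str) -> str:
    """Reduce a client-supplied filename to one safe path component.

    Both '/' and '\\' count as separators, so 'a/../b.zip' and 'C:\\evil.zip'
    collapse to their last component; anything that still carries a NUL byte,
    a '..' sequence or characters outside _SAFE_NAME is rejected outright.
    """
    name = raw.replace("\\", "/").split("/")[-1]
    if not name or "\x00" in name or name in {".", ".."}:
        raise UnsafeFilename(f"empty or reserved filename: {raw!r}")
    if ".." in name:
        raise UnsafeFilename(f"traversal sequence in filename: {raw!r}")
    if not _SAFE_NAME.match(name):
        raise UnsafeFilename(f"disallowed characters in filename: {raw!r}")
    if Path(name).suffix.lower() not in _ALLOWED_SUFFIXES:
        raise UnsafeFilename(f"unexpected file type: {raw!r}")
    return name


def resolve_inside(base_dir: str, name: str) -> Path:
    """Join base_dir and name, then prove the result is a direct child of base_dir.

    Both sides are resolved (absolute, symlinks followed) before comparing, so a
    symlink or a lexically clean but escaping path cannot slip through. This is
    defence in depth behind sanitize_filename(), not a replacement for it.
    """
    base = Path(base_dir).resolve()
    target = (base / name).resolve()
    if target.parent != base:
        raise UnsafeFilename(f"{name!r} resolves outside {base}")
    return target


def save_plugin_upload(base_dir: str, raw_filename: str, data: bytes) -> Path:
    """Write an upload to base_dir through a temp file in the same directory.

    The temp file is created beside the final path so os.replace() is an atomic
    rename on one filesystem; on any failure the temp file is unlinked before
    the exception propagates, so a failed upload leaves nothing behind.
    """
    name = sanitize_filename(raw_filename)
    target = resolve_inside(base_dir, name)
    fd, tmp_path = tempfile.mkstemp(prefix=".upload-", dir=str(target.parent))
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        os.replace(tmp_path, target)
    except BaseException:
        try:
            os.unlink(tmp_path)
        except FileNotFoundError:
            pass
        raise
    return target


def demo(base_dir: Optional[str] = None) -> Dict[str, object]:
    """Run constructed attacker-style filenames through the pipeline and report.

    Also performs one real write and one deliberately failing write (a str
    instead of bytes) to show that the temp file is cleaned up on error.
    """
    base_dir = base_dir or tempfile.mkdtemp(prefix="plugins-")
    probes: List[str] = [
        "plugin.zip",                   # benign
        "../../etc/cron.d/evil.zip",    # POSIX traversal, neutralised to evil.zip
        "..\\..\\windows\\evil.zip",    # Windows traversal, same result
        "/etc/passwd",                  # absolute path, wrong suffix -> rejected
        "evil\x00.zip",                 # NUL byte -> rejected
        "weird name.zip",               # space not in allow-list -> rejected
        "plugin.py",                    # not an archive -> rejected
    ]
    accepted: Dict[str, str] = {}
    rejected: List[str] = []
    for raw in probes:
        try:
            accepted[raw] = sanitize_filename(raw)
        except UnsafeFilename:
            rejected.append(raw)
    payload = b"PK\x03\x04"  # constructed stand-in for a zip header
    written = save_plugin_upload(base_dir, "..\\..\\escape\\ok.zip", payload)
    try:
        save_plugin_upload(base_dir, "bad.zip", "not bytes")  # type: ignore[arg-type]
    except TypeError:
        pass  # expected: binary file refuses str, temp file must be gone
    return {
        "accepted": accepted,
        "rejected": rejected,
        "written": str(written),
        "inside_base": written.parent == Path(base_dir).resolve(),
        "content_ok": written.read_bytes() == payload,
        "leftover": sorted(n for n in os.listdir(base_dir) if n != "ok.zip"),
    }
```

Two design points worth noting: the containment check in `resolve_inside()` compares the resolved parent with the resolved base rather than using a string prefix test, which would accept `/plugins-evil/x.zip` as being under `/plugins`; and `mkstemp` plus `os.replace` means a reader of the plugin directory never observes a half-written archive.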
@Aries-ckt Aries-ckt left a comment

LGTM.

@yhjun1026 yhjun1026 left a comment

r+

@Aries-ckt Aries-ckt merged commit ad1e8e2 into eosphoros-ai:main Jan 3, 2025
4 checks passed