CVE-2022-37866

CWE-22: Path Traversal (5 documents, 5 sources)

Severity: 7.5 HIGH
EPSS: 1.0% (top 23.43%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 7

Description

When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifact coordinates such as the organisation, module or version. If those coordinates contain "../" sequences, which are valid characters for Ivy coordinates in general, it is possible that the artifacts are stored outside of Ivy's local cache or repository, or that they overwrite different artifacts inside of the local cache. In order to exploit

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (3 packages)

Source     | Package                                        | Introduced | Fixed
NVD        | apache/ivy                                     | 2.0.0      | 2.5.1
Maven      | org.apache.ivy:ivy                             | 2.0.0      | 2.5.1
CVEListV5  | apache_software_foundation/apache_ivy          | 2.0.0      | unspecified (+1 more range)

Vulnerability Details (3)

OSV: Apache Ivy vulnerable to path traversal (2022-11-07)
GHSA: Apache Ivy vulnerable to path traversal (2022-11-07)
CVEList: Apache Ivy allows path traversal in the presence of a malicious repository (2022-11-07)

Vendor Advisories (1)

Red Hat: Ivy: Ivy Path traversal (2022-11-04)