CVE-2023-40274

Name
CVE-2023-40274
Description
An issue was discovered in zola 0.13.0 through 0.17.2. The custom web server implementation behind the "zola serve" command allows directory traversal. The handle_request function, which the server uses to process HTTP requests, does not account for parent-directory sequences (../) in the URL path when mapping it to a file, so a client can escape the server's webroot and read arbitrary files that are readable by the process running "zola serve".
NVD Severity
medium
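To make the failure mode concrete, the following Rust program (an added example, written for this page and not taken from zola or from the fix in the linked pull request) contrasts a resolver that joins the request path straight onto the webroot with one that rejects non-normal path components and then verifies the canonicalized result still lies under the webroot. The fixture directory, file names and the helper names resolve_unchecked, resolve_checked and demo are assumptions made for the demonstration; percent-decoding of the URL is assumed to have happened before the check.

```rust
use std::fs;
use std::path::{Component, Path, PathBuf};

/// Vulnerable shape of the bug: the URL path is joined onto the webroot as-is,
/// so a request for "/../secret.txt" resolves to webroot/../secret.txt and the
/// kernel happily follows the ".." out of the webroot.
fn resolve_unchecked(webroot: &Path, url_path: &str) -> PathBuf {
    webroot.join(url_path.trim_start_matches('/'))
}

/// Hardened resolver: every component must be a plain name (no "..", ".",
/// root or drive prefix), and after canonicalization (which also follows
/// symlinks) the result must still start with the canonical webroot.
/// Assumption: url_path has already been percent-decoded, otherwise
/// "%2e%2e" would bypass the component check.
fn resolve_checked(webroot: &Path, url_path: &str) -> Option<PathBuf> {
    let requested = Path::new(url_path.trim_start_matches('/'));
    if !requested
        .components()
        .all(|c| matches!(c, Component::Normal(_)))
    {
        return None;
    }
    let root = webroot.canonicalize().ok()?;
    let full = root.join(requested).canonicalize().ok()?;
    if full.starts_with(&root) {
        Some(full)
    } else {
        None
    }
}

/// Builds a constructed fixture under the OS temp dir: a webroot with one
/// page, and a secret file one level above it. Returns (base, webroot).
fn setup_fixture() -> (PathBuf, PathBuf) {
    let base = std::env::temp_dir()
        .join(format!("traversal_demo_{}", std::process::id()));
    let webroot = base.join("public");
    fs::create_dir_all(&webroot).expect("create webroot");
    fs::write(webroot.join("index.html"), "<h1>site</h1>").expect("write page");
    fs::write(base.join("secret.txt"), "not for the web").expect("write secret");
    (base, webroot)
}

/// Runs both resolvers against a traversal request and a normal request.
/// Returns (unchecked_leaks_secret, checked_rejects_traversal, checked_serves_page).
pub fn demo() -> (bool, bool, bool) {
    let (base, webroot) = setup_fixture();

    let leaked = fs::read_to_string(resolve_unchecked(&webroot, "/../secret.txt"))
        .map(|s| s == "not for the web")
        .unwrap_or(false);

    let rejected = resolve_checked(&webroot, "/../secret.txt").is_none();

    let served = resolve_checked(&webroot, "/index.html")
        .and_then(|p| fs::read_to_string(p).ok())
        .map(|s| s.contains("site"))
        .unwrap_or(false);

    let _ = fs::remove_dir_all(&base);
    (leaked, rejected, served)
}

fn main() {
    let (leaked, rejected, served) = demo();
    println!("unchecked join leaks a file outside the webroot: {}", leaked);
    println!("checked resolver rejects the traversal request: {}", rejected);
    println!("checked resolver still serves index.html:       {}", served);
}
```

The component check alone is not enough on its own: a symlink inside the webroot pointing outside it passes the lexical test, which is why the canonicalized path is compared against the canonicalized root as well.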

References

Type  URI
MISC  https://github.com/getzola/zola/issues/2257
MISC  https://github.com/getzola/zola/pull/2258

Match rules

CPE URI                                 Source package  Min version  Max version
cpe:2.3:a:getzola:zola:*:*:*:*:*:*:*:*  zola            >= 0.13.0    <= 0.17.2

Vulnerable and fixed packages

Source package  Branch          Version    Maintainer                             Status
zola            3.18-community  0.17.2-r0  Erwan Rouchet <lucidiot@brainshit.fr>  possibly vulnerable
zola            3.19-community  0.17.2-r3  Erwan Rouchet <lucidiot@brainshit.fr>  possibly vulnerable