Vulnerability Description
Armeria is an open source microservice framework. In affected versions an attacker can access an Armeria server's local file system beyond its restricted directory by sending an HTTP request whose path contains `%2F` (encoded `/`), such as `/files/..%2Fsecrets.txt`, bypassing Armeria's path validation logic. Armeria 1.13.4 or above contains the hardened path validation logic that handles `%2F` properly. This vulnerability can be worked around by inserting a decorator that performs an additional validation on the request path.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linecorp | Armeria | < 1.13.4 |
Related Weaknesses (CWE)
References
- https://github.com/line/armeria/commit/e2697a575e9df6692b423e02d731f293c1313284PatchThird Party Advisory
- https://github.com/line/armeria/pull/3855Third Party Advisory
- https://github.com/line/armeria/security/advisories/GHSA-8fp4-rp6c-5gcvThird Party Advisory
- https://github.com/line/armeria/commit/e2697a575e9df6692b423e02d731f293c1313284PatchThird Party Advisory
- https://github.com/line/armeria/pull/3855Third Party Advisory
- https://github.com/line/armeria/security/advisories/GHSA-8fp4-rp6c-5gcvThird Party Advisory
FAQ
What is CVE-2021-43795?
CVE-2021-43795 is a vulnerability with a CVSS score of 7.5 (HIGH). Armeria is an open source microservice framework. In affected versions an attacker can access an Armeria server's local file system beyond its restricted directory by sending an HTTP request whose pat...
How severe is CVE-2021-43795?
CVE-2021-43795 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-43795?
Check the references section above for vendor advisories and patch information. Affected products include: Linecorp Armeria.