GHSA-9qwg-crg9-m2vc: `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read
`SubjectAlternativeName` and `ExtendedKeyUsage` arguments were parsed using the OpenSSL function `X509V3_EXT_nconf`. This function parses all input using an OpenSSL mini-language which can perform arbitrary file reads.
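A defender-side input check, added here as an example and not code from rust-openssl or the advisory. Because the crate passed caller-supplied strings into the config text that `X509V3_EXT_nconf` parses, a caller who cannot update the crate right away can at least refuse any value that is not a plain hostname before it reaches the extension builder; `checked_dns_sans` and `is_plain_hostname` are hypothetical names, and updating to a fixed crate version remains the actual fix.

```rust
// Added example; not part of rust-openssl. Defense in depth for callers
// that feed untrusted names into a SAN builder: only LDH hostnames are
// accepted, so none of the separator or directive characters that the
// X509V3 config mini-language interprets (',', ':', '@', '$', spaces)
// can ever reach it.

/// True if `name` is a plain hostname: 1..=253 bytes, dot-separated
/// labels of 1..=63 ASCII letters/digits/hyphens, no leading or
/// trailing hyphen per label. A single trailing dot (FQDN) is allowed.
pub fn is_plain_hostname(name: &str) -> bool {
    if name.is_empty() || name.len() > 253 {
        return false;
    }
    let name = name.strip_suffix('.').unwrap_or(name);
    name.split('.').all(|label| {
        !label.is_empty()
            && label.len() <= 63
            && !label.starts_with('-')
            && !label.ends_with('-')
            && label.bytes().all(|b| b.is_ascii_alphanumeric() || b == b'-')
    })
}

/// Validates every requested DNS SAN value; a single rejected value
/// fails the whole request instead of being silently dropped.
pub fn checked_dns_sans(requested: &[&str]) -> Result<Vec<String>, String> {
    requested
        .iter()
        .map(|n| {
            if is_plain_hostname(n) {
                Ok(n.to_string())
            } else {
                Err(format!("rejected SAN value: {n:?}"))
            }
        })
        .collect()
}

fn main() {
    // Constructed sample input: a benign name, then a value carrying the
    // kind of separator characters the mini-language would interpret.
    for input in ["www.example.com", "example.com,other:value"] {
        match checked_dns_sans(&[input]) {
            Ok(v) => println!("accepted {v:?}"),
            Err(e) => println!("{e}"),
        }
    }
}
```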
Thanks to David Benjamin (Google) for reporting this issue.