CVE-2021-41150: Improper sanitization of delegated role names
The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is cached or loaded, files ending with the .json extension could be overwritten with role metadata anywhere on the system.
AWS would like to thank https://github.com/jku for reporting this issue.
References
- github.com/advisories/GHSA-r56q-vv3c-6g9c
- github.com/awslabs/tough
- github.com/awslabs/tough/commit/1809b9bd1106d78a51fbea3071aa97a3530bac9a
- github.com/awslabs/tough/security/advisories/GHSA-r56q-vv3c-6g9c
- github.com/theupdateframework/python-tuf/security/advisories/GHSA-wjw6-2cqr-j4qr
- nvd.nist.gov/vuln/detail/CVE-2021-41150
Detect and mitigate CVE-2021-41150 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →