CVE-2021-43821: Files or Directories Accessible to External Parties
(updated )
Opencast is an Open Source Lecture Capture & Video Management for Education.You can mitigate this issue by narrowing down the read access Opencast has to files on the file system using UNIX permissions or mandatory access control systems like SELinux. This cannot prevent access to files Opencast needs to read though and we highly recommend updating.
References
- github.com/opencast/opencast/blob/69952463971cf578363e3b97d8edaf334ff51253/modules/ingest-service-impl/src/main/java/org/opencastproject/ingest/impl/IngestServiceImpl.java
- github.com/opencast/opencast/commit/65c46b9d3e8f045c544881059923134571897764
- github.com/opencast/opencast/security/advisories/GHSA-59g4-hpg3-3gcp
- mvnrepository.com/artifact/org.opencastproject/opencast-ingest-service-impl
- nvd.nist.gov/vuln/detail/CVE-2021-43821
Detect and mitigate CVE-2021-43821 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →