I’m using SCM-Manager 2.27.2 and our security team found a path traversal attack.
Example: wget --no-check-certificate https://xxx:14151/scm//etc/passwd
It's unclear if this issue is due to a misconfiguration of SCM-Manager or a vulnerability in the application itself. SCM-Manager release notes and security advisories do not state that the current version is affected by a known path traversal vulnerability.
Can you help?
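While waiting for a fix, an operator can at least find out whether requests of the shape reported above have already hit the instance. The following is an added example, not code from the thread or from the SCM-Manager project: it scans constructed access-log lines (common log format, assumed here) for requests under the `/scm` context root whose path contains an empty segment (the double slash from the report) or a dot-segment, including percent-encoded ones.

```python
import re
import posixpath
from urllib.parse import unquote, urlsplit

# Constructed sample access-log lines (not taken from the original report);
# the second line mirrors the double-slash request shape described above.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2022:10:00:00 +0000] "GET /scm/api/v2/repositories HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2022:10:00:01 +0000] "GET /scm//etc/passwd HTTP/1.1" 200 1024
10.0.0.9 - - [01/Jan/2022:10:00:02 +0000] "GET /scm/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 404 0
10.0.0.7 - - [01/Jan/2022:10:00:03 +0000] "GET /scm/repo/hitchhiker/42/ HTTP/1.1" 200 2048
"""

# Extracts method and request target from the quoted request part of a log line
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def is_suspicious_path(target: str, context_root: str = "/scm") -> bool:
    """Return True when the request path looks like an attempt to escape the context root.

    The context root "/scm" is an assumption matching the URL in the report.
    """
    # Decode percent-encoding once and drop the query string before inspecting
    path = unquote(urlsplit(target).path)
    if not path.startswith(context_root + "/"):
        return False  # not under the application's context root
    rest = path[len(context_root):]
    # Empty segment (double slash) or dot-segments are the tell-tale patterns
    if rest.startswith("//") or "/../" in rest + "/" or "/./" in rest + "/":
        return True
    # Anything whose normalised form leaves the context root also counts
    normalized = posixpath.normpath(path)
    return not normalized.startswith(context_root + "/")


def find_traversal_attempts(log_text: str):
    """Return (method, target) for every log line with a suspicious request path."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if m and is_suspicious_path(m.group("target")):
            hits.append((m.group("method"), m.group("target")))
    return hits


if __name__ == "__main__":
    for method, target in find_traversal_attempts(SAMPLE_LOG):
        print(f"suspicious request: {method} {target}")
```

Point it at the real access log of the reverse proxy or servlet container in front of SCM-Manager; a hit with a 200 status is the one that warrants a closer look.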
Thanks for this report. We can reproduce this and have found the error. Right now the release build of 2.29.1 is running and the fixed version should be available within the next hour.
The fixed version is released. The related blog post can be found here.
We decided to “unlist” this post for the next days, so users have the chance to patch their installations.
We will make this public again after some time (probably following responsible disclosure standards).
We hope you approve this approach, @rjsalmeida . And thanks again for this important information.
I have closed this thread since there was no activity in the last 30 days.