Platform: java
Component: com.reposilite:reposilite-backend
Fixed in: 3.3.1, 3.5.12
CVE-2024-36117 is a path traversal vulnerability in Reposilite Backend. By manipulating the resource path in a javadoc request, an attacker can read arbitrary files on the server (any file the Reposilite process itself can read). It affects Reposilite Backend versions before 3.5.12 and can lead to unauthorized access to sensitive information. A fix is available in version 3.5.12.
The flaw is in how expanded javadoc files are served from the /javadoc/{repository}/<gav>/raw/<resource> endpoint. The <resource> value is joined to the javadocUnpackPath directory of the requested artifact without confining the resolved path to that directory, so a <resource> containing traversal segments (e.g., ../../) walks out of the unpack directory and into the rest of the filesystem. Files the caller should never see can then be returned: configuration files, credentials, source code, or other sensitive data stored on the server. The impact is disclosure of that data, compromise of any credentials it contains, and a foothold for further attacks if the exposed files are valuable. It is a textbook path traversal: the attacker relies on predictable file locations and on the server's failure to check where the resolved path actually lands.
CVE-2024-36117 was publicly disclosed on 2024-11-04. There is no indication of active exploitation at this time, and it is not listed in the CISA KEV catalog. No public proof-of-concept exploit is known, but given the nature of the bug one is likely to appear. Exploitation requires nothing more than a crafted URL, which suggests a medium probability of exploitation once a PoC is released.
Exploit Status
EPSS: 77.57% (99th percentile)
The primary mitigation is to upgrade Reposilite Backend to version 3.5.12 or later, which includes the fix for this vulnerability. If upgrading immediately is not possible, consider temporary workarounds. One is to restrict access to the /javadoc endpoint to trusted users or networks. Another is to validate the <resource> parameter: resolve it against javadocUnpackPath, normalize the result, and reject the request if the normalized path is not inside that directory. Rejecting the literal string ../ is weaker, because the parameter reaches the handler already URL-decoded and encoded or mixed variants can slip past a plain string filter. A Web Application Firewall (WAF) that drops requests containing suspicious path characters can add a layer of defense, but it has the same limitation and should not be the only control. After upgrading, verify the fix by requesting a file outside the intended javadocUnpackPath directory via the /javadoc endpoint; the request should be denied.
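As an added example (not Reposilite's own code), the following Java snippet shows the two shapes of lookup discussed above: joining the decoded <resource> to the unpack directory without a containment check, and the hardened form that resolves, normalizes and requires the result to stay under the base. It uses java.nio.file, the same API a Kotlin service on the JVM calls. The directory, class and method names, and the sample requests, are assumptions constructed for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

public class JavadocResourceResolver {

    // Assumed (illustrative) unpack directory for one artifact's expanded javadoc.
    static final Path JAVADOC_UNPACK_PATH =
            Paths.get("/var/reposilite/javadocs/releases/com/example/lib/1.0.0");

    // Vulnerable shape: the decoded <resource> is joined to the unpack directory
    // and handed to the file layer, which honours every ".." segment.
    static Path resolveUnchecked(Path unpackDir, String resource) {
        return unpackDir.resolve(resource);
    }

    // Hardened shape: normalize both sides, then require containment.
    // Path.startsWith compares whole path components, so a sibling directory
    // such as ".../1.0.0-evil" does not count as being inside ".../1.0.0".
    static Path resolveContained(Path unpackDir, String resource) {
        Path base = unpackDir.toAbsolutePath().normalize();
        Path candidate = base.resolve(resource).normalize();
        if (!candidate.startsWith(base)) {
            throw new IllegalArgumentException(
                    "rejected: resolves outside javadocUnpackPath: " + resource);
        }
        return candidate;
    }

    public static void main(String[] args) {
        // Constructed sample inputs, as the handler sees them after URL decoding.
        String[] resources = {
            "index.html",                                   // legitimate
            "com/example/lib/Foo.html",                     // legitimate, nested
            "../../../../../../../../etc/passwd",           // classic traversal
            "css/../../../../../../../../../etc/passwd",    // traversal behind a real prefix
            "/etc/passwd"                                   // absolute: resolve() drops the base
        };
        for (String resource : resources) {
            Path unchecked = resolveUnchecked(JAVADOC_UNPACK_PATH, resource).normalize();
            String hardened;
            try {
                hardened = resolveContained(JAVADOC_UNPACK_PATH, resource).toString();
            } catch (IllegalArgumentException e) {
                hardened = "DENIED";
            }
            System.out.printf("resource=%s%n  unchecked -> %s%n  hardened  -> %s%n",
                    resource, unchecked, hardened);
        }
    }
}
```

Run it with java JavadocResourceResolver.java (JDK 11 or later). The check is applied to the decoded, resolved path rather than to the raw URL, which is why it also catches the absolute-path case, where resolve() discards the base entirely. To verify a deployed fix end to end, send a request to the raw javadoc endpoint whose <resource> contains traversal segments and confirm the server answers with a denial rather than file contents.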
Update Reposilite to version 3.5.12 or later. That version fixes the path traversal vulnerability that allows arbitrary file reads. The update can be performed by downloading the new release from the official website or through the corresponding dependency manager.
CVE-2024-36117 is a Path Traversal vulnerability in Reposilite Backend versions before 3.5.12, allowing attackers to read arbitrary files via manipulated javadoc requests.
You are affected if you are running Reposilite Backend versions prior to 3.5.12. Check your version and upgrade immediately if vulnerable.
Upgrade to Reposilite Backend version 3.5.12 or later to patch the vulnerability. Consider temporary workarounds like restricting access to the /javadoc endpoint if immediate upgrade is not possible.
There is currently no confirmed active exploitation of CVE-2024-36117, but the vulnerability's nature suggests a potential for future exploitation.
Refer to the official Reposilite security advisory for detailed information and updates: [https://github.com/dzikoysk/reposilite/security/advisories/GHSA-9999](https://github.com/dzikoysk/reposilite/security/advisories/GHSA-9999)