CVE-2024-27916: `GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user
(updated )
A Minder user can use the endpoints listed in the issue title to access any repository in the DB, irrespective of who owns the repo and any permissions that user may have.
References
- github.com/advisories/GHSA-v627-69v2-xx37
- github.com/stacklok/minder
- github.com/stacklok/minder/blob/a115c8524fbd582b2b277eaadce024bebbded508/internal/controlplane/handlers_repositories.go
- github.com/stacklok/minder/blob/main/internal/controlplane/handlers_repositories.go
- github.com/stacklok/minder/commit/45750b4e9fb2de33365758366e06c19e999bd2eb
- github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37
- nvd.nist.gov/vuln/detail/CVE-2024-27916
Code Behaviors & Features
Detect and mitigate CVE-2024-27916 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →