CVE-2024-35183

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published May 15, 2024
Updated: May 16, 2024
CWE ID 552
CWE ID 668

Summary

CVE-2024-35183: A vulnerability was discovered in the wolfictl command-line tool, affecting versions prior to 0.16.10. This issue stems from a Git authentication problem, allowing a user's GitHub token to be sent to unintended remote servers. The affected function, `GetGitAuth`, looks for a GitHub token in the `GITHUB_TOKEN` environment variable and returns it to authenticate with the `github.com/go-git/go-git/v5` library. Some callers of this function did not verify that the remote git repository was hosted on github.com, resulting in the token being sent to unauthorized servers. This vulnerability arose in commit 0d06e1578300327c212dda26a5ab31d09352b9d0, on January 25, 2023. Users who ran `wolfictl check update` commands with Melange configurations referencing non-github.com git repositories or used `wolfictl update <url>` with a remote URL outside of github.com, while having the `GITHUB_TOKEN` set, are at risk. To mitigate this issue, users should upgrade to version 0.16.10.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2024-35183 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions