漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
SiYuan: Authenticated path traversal in /snippets/ static handler (serveSnippets) leaks conf/conf.json secrets and siyuan.db
Vulnerability Description
SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /snippets/*filepath route handler serveSnippets in kernel/server/serve.go joins a single-decoded request path with the snippets directory without subpath containment or sensitive-path checks, allowing an authenticated request such as /snippets/%2e%2e/%2e%2e/conf/conf.json to read workspace secrets and the document database. This issue is fixed in versions 3.7.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
SiYuan 路径遍历漏洞
Vulnerability Description
SiYuan是SiYuan团队开源的一个个人知识管理系统。 SiYuan 3.7.1之前版本存在路径遍历漏洞,该漏洞源于/snippets/*filepath路由处理程序在路径连接时未进行子路径包含或敏感路径检查,可能导致已认证用户通过类似/snippets/%2e%2e/%2e%2e/conf/conf.json的请求读取工作区密钥和文档数据库。
CVSS Information
N/A
Vulnerability Type
N/A