Vulnerabilities > CVE-2022-29180 - Server-Side Request Forgery (SSRF) vulnerability in Charm

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

charm

CWE-918

NVD

Published: 2022-05-07

Updated: 2022-05-16

Summary

A vulnerability in which attackers could forge HTTP requests to manipulate the `charm` data directory to access or delete anything on the server. This has been patched and is available in release [v0.12.1](https://github.com/charmbracelet/charm/releases/tag/v0.12.1). We recommend that all users running self-hosted `charm` instances update immediately. This vulnerability was found in-house and we haven't been notified of any potential exploiters. ### Additional notes * Encrypted user data uploaded to the Charm server is safe as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. * Users running the official Charm [Docker images](https://github.com/charmbracelet/charm/blob/main/docker.md) are at minimal risk because the exploit is limited to the containerized filesystem.

Vulnerable Configurations

Part	Description	Count
Application	Charm Charm Charm 0.9.0 Charm Charm 0.9.1 Charm Charm 0.9.2 Charm Charm 0.10.0 Charm Charm 0.10.1 Charm Charm 0.10.2 Charm Charm 0.10.3 Charm Charm 0.11.0 Charm Charm 0.12.0	9

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References