SCA: security update for io.github.robothy:local-s3-rest (GHSA-g6wm-2v64-wq36)

medium Tenable Cloud Security Plugin ID 421085

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- LocalS3 is an Amazon S3 mock service for testing and local development. Prior to version 1.21, the LocalS3
service's bucket creation endpoint is vulnerable to XML External Entity (XXE) injection. When processing
the CreateBucketConfiguration XML document during bucket creation, the service's XML parser is configured
to resolve external entities. This allows an attacker to declare an external entity that references an
internal URL, which the server will then attempt to fetch when parsing the XML. The vulnerability
specifically occurs in the location constraint processing, where the XML parser resolves external entities
without proper validation or restrictions. When the external entity is resolved, the server makes an HTTP
request to the specified URL and includes the response content in the parsed XML document. This
vulnerability can be exploited to perform server-side request forgery (SSRF) attacks, allowing an attacker
to make requests to internal services or resources that should not be accessible from external networks.
The server will include the responses from these internal requests in the resulting bucket configuration,
effectively leaking sensitive information. The attacker only needs to be able to send HTTP requests to the
LocalS3 service to exploit this vulnerability. (CVE-2025-27136)

See Also

https://github.com/advisories/GHSA-g6wm-2v64-wq36

Plugin Details

Severity: Medium

ID: 421085

Version: Revision 1.10

Type: Local

Family: SCA Checks

Published: 3/11/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.75

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2025-27136

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 6.9

Threat Score: 5.5

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/10/2025

Vulnerability Publication Date: 3/10/2025

Reference Information

CVE: CVE-2025-27136

cwe: CWE-611