SCA: security update for com.reposilite:reposilite-backend (GHSA-frvj-cfq4-3228)

high Tenable Self-Hosted Container Security Plugin ID 414688

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in
JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain
documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the javadoc
archive into the server's file system and return its content. The problem is in the way how the archives
are expanded, specifically how the new filename is created. The `file.name` taken from the archive can
contain path traversal characters, such as '/../../../anything.txt', so the resulting extraction path can
be outside the target directory. If the archive is taken from an untrusted source, such as Maven Central
or JitPack for example, an attacker can craft a special archive to overwrite any local file on Reposilite
instance. This could lead to remote code execution, for example by placing a new plugin into the
'$workspace$/plugins' directory. Alternatively, an attacker can overwrite the content of any other
package. Note that the attacker can use its own malicious package from Maven Central to overwrite any
other package on Reposilite. Reposilite has addressed this issue in version 3.5.12. Users are advised to
upgrade. There are no known workarounds for this vulnerability. This issue was discovered and reported by
the GitHub Security lab and is also tracked as GHSL-2024-073. (CVE-2024-36116)

See Also

https://github.com/advisories/GHSA-frvj-cfq4-3228

Plugin Details

Severity: High

ID: 414688

Version: Revision 1.26

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

Percentile: 57.55

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-36116

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 8.7

Threat Score: 6.3

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 8/2/2024

Vulnerability Publication Date: 6/19/2024

Reference Information

CVE: CVE-2024-36116

cwe: CWE-22