julien040/anyquery CVE Request 2: Path Traversal in read_json Module


  • Title: Path Traversal Vulnerability in read_json Module Due to Unvalidated File Path

  • Affected Component: module/read_json.go, Prepare method

  • Attack Vector: Malicious SQL query, such as SELECT * FROM read_json('/etc/passwd' AS path).

  • Description: The read_json table function uses file paths provided directly by SQL queries without validation, allowing path traversal to read arbitrary files on the server.

  • Vulnerability Type: Path Traversal (CWE-22)

  • Impact: Attackers may read any file the anyquery process has access to, potentially exposing sensitive files and secrets.

  • Suggested Fix: Apply filepath.Clean, convert the path to an absolute path, and check that it resides within a trusted base directory before accessing the file.
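One way to implement the suggested fix in Go, as an added example that is not anyquery's own code: the helper name resolveWithinBase and the base directory /srv/anyquery/data are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideBase is returned when the requested path escapes the trusted directory.
var ErrOutsideBase = errors.New("read_json: path resolves outside the allowed base directory")

// resolveWithinBase cleans the user-supplied path, makes it absolute and verifies
// that it stays inside baseDir, which is assumed to be an operator-chosen
// directory (hypothetical helper, not part of anyquery).
func resolveWithinBase(baseDir, userPath string) (string, error) {
	base, err := filepath.Abs(filepath.Clean(baseDir))
	if err != nil {
		return "", err
	}
	// Relative user paths are anchored at baseDir rather than the process CWD, so
	// "../etc/passwd" and "/etc/passwd" are both checked against the same root.
	candidate := userPath
	if !filepath.IsAbs(candidate) {
		candidate = filepath.Join(base, candidate)
	}
	abs, err := filepath.Abs(filepath.Clean(candidate))
	if err != nil {
		return "", err
	}
	// filepath.Rel avoids the naive strings.HasPrefix pitfall where a base of
	// "/data" would wrongly accept "/data2/secret.json". Symlinks are not
	// resolved here; for existing files, filepath.EvalSymlinks would be needed too.
	rel, err := filepath.Rel(base, abs)
	if err != nil {
		return "", ErrOutsideBase
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideBase
	}
	return abs, nil
}

func main() {
	for _, p := range []string{"users.json", "sub/../users.json", "../etc/passwd", "/etc/passwd"} {
		resolved, err := resolveWithinBase("/srv/anyquery/data", p)
		fmt.Printf("%-20s -> %q %v\n", p, resolved, err)
	}
}
```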

posted @ 2025-06-17 21:03 Aibot