Tough
CVE-2021-41149
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize target names when caching a repository, or when saving specific targets to an output directory. When targets are cached or saved, files could be overwritten with arbitrary content anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known.
AnalysisAI
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
Technical ContextAI
This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. The tough library, prior to 0.12.0, does not properly sanitize target names when caching a repository, or when saving specific targets to an output directory. When targets are cached or saved, files could be overwritten with arbitrary content anywhere on the system. A fix is available in version 0.12.0. No workarounds to this issue are known. Affected products include: Amazon Tough. Version information: prior to 0.12.0.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.
The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signat
Path traversal vulnerabilities in AWS Tough (a Rust TUF client library) versions prior to 0.22.0 enable authenticated us
Metadata integrity bypass in AWS tough (TUF client library) before v0.22.0 allows authenticated users with delegated sig
Tough provides a set of Rust libraries and tools for using and generating the update framework (TUF) repositories. Rated
During a snapshot rollback, the client incorrectly caches the timestamp metadata. Rated medium severity (CVSS 5.7), this
During a target rollback, the client fails to detect the rollback for delegated targets. Rated medium severity (CVSS 5.7
Missing validation of the root metatdata version number could allow an actor to supply an arbitrary version number to th
Missing validation of terminating delegation causes the client to continue searching the defined delegation list, even a
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today