The goal of this proxy is to perform authentication if needed and forward HTTP requests to the DataHub Metadata Store (GMS). The DataHub frontend acts as a proxy able to forward any REST or GraphQL requests to the backend. (2.) Sanitize to the value of `search_history` cookie after base64 decoding it.ĭataHub is an open-source metadata platform. If users are unable to upgrade immediately, the following workarounds may be applied: (1.) Use a proxy to always drop the `search_history` cookie until upgraded. This issue is patched with commit id 5ae9ca83b73. If it is known that the database was modified, a full restoration of data is possible by performing a full database wipe and performing full update of all components. On the database, only public data is stored, so there is no confidentiality issues to site users. A proof of concept malformed cookie was generated that wiped the database or changed it's content. As a result, any user can modify the browser's cookie value and inject most SQL queries. These are string loaded directly into the SQL query with `atom = '%s'` format string. If the user selects (in user preferences) the "Recently Visited Packages" view for the index page, the value of the `search_history` cookie is used as a base64 encoded comma separated list of atoms. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |