fast-uri Path Traversal Vulnerability via Percent-Encoded Dot Segments

Vulnerability

A path traversal vulnerability has been identified in fast-uri versions through 3.1.0. The issue arises because the library decodes percent-encoded path separators and dot segments before removing dot segments in its normalization and equality comparison functions. This behavior allows distinct URIs to collapse into the same normalized path, potentially bypassing path-based policies in applications that normalize or compare URLs controlled by an attacker. For instance, a path that appears to be within an allowed prefix could normalize to a different location, creating a security risk.
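
To show why the decoding order matters, here is an added example in JavaScript; it is not fast-uri's code and does not reproduce how 3.1.1 fixes the issue. The function names, the prefix policy and the sample paths are constructed for illustration: the unsafe normalizer decodes before removing dot segments, while the safe one removes dot segments on the still-encoded path and refuses any segment whose decoded form would alter the path structure.

```javascript
// Added example, not fast-uri's code: why the order of percent-decoding and
// dot-segment removal decides whether a path-prefix policy can be bypassed.

// RFC 3986 section 5.2.4 remove_dot_segments, applied to the path exactly as
// given (still percent-encoded), so only literal "." and ".." segments count.
function removeDotSegments(path) {
  const absolute = path.startsWith('/');
  const segs = path.split('/');
  const out = [];
  for (let i = absolute ? 1 : 0; i < segs.length; i++) {
    const seg = segs[i];
    const last = i === segs.length - 1;
    if (seg === '.') { if (last) out.push(''); continue; }
    if (seg === '..') { if (out.length) out.pop(); if (last) out.push(''); continue; }
    out.push(seg);
  }
  return (absolute ? '/' : '') + out.join('/');
}

// Unsafe order (the pattern the advisory describes): decode the whole path
// first, then remove dot segments. Decoding "%2F" manufactures new separators
// and "%2e" becomes ".", so distinct URIs collapse into the same path.
function normalizeUnsafe(path) {
  return removeDotSegments(decodeURIComponent(path));
}

// Safe order: remove dot segments on the encoded form, then decode each
// segment on its own and reject any segment whose decoded text would have
// changed the path structure (a separator or a dot segment).
function normalizeSafe(path) {
  let decoded;
  try {
    decoded = removeDotSegments(path).split('/').map(decodeURIComponent);
  } catch (e) {
    return null; // malformed percent-encoding: refuse rather than guess
  }
  for (const seg of decoded) {
    if (seg === '.' || seg === '..' || seg.includes('/')) return null;
  }
  return decoded.join('/');
}

// Prefix policy built on the safe normalizer; a rejected path (null) never passes.
function isUnderPrefix(path, prefix) {
  const norm = normalizeSafe(path);
  return norm !== null && (norm === prefix || norm.startsWith(prefix + '/'));
}
```

With the unsafe order, `/private` and `/public/%2e%2e/private` normalize identically, which is exactly the collapse an equality comparison would then report as "same URI"; the safe order keeps them distinct and the policy check rejects the second.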

Impact

Exploitation of this vulnerability can lead to unauthorized path traversal, allowing attackers to bypass path-based security policies and access restricted resources or directories.

Remediation

Users are advised to upgrade to fast-uri version 3.1.1 or later.

Added: May 4, 2026, 8:19 PM
Updated: May 4, 2026, 8:19 PM

Vulnerability Rating

Custom Algorithm

spread:         0.0
impact:         0.6
exploitability: 7.4
remediation:    0.0
relevance:      7.4
threat:         0.0
urgency:        2.9
incentive:      4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.