CVE-2024-35183

Summary

CVE-2024-35183: A vulnerability was discovered in the wolfictl command-line tool, affecting versions prior to 0.16.10. This issue stems from a Git authentication problem, allowing a user's GitHub token to be sent to unintended remote servers. The affected function, `GetGitAuth`, looks for a GitHub token in the `GITHUB_TOKEN` environment variable and returns it to authenticate with the `github.com/go-git/go-git/v5` library. Some callers of this function did not verify that the remote git repository was hosted on github.com, resulting in the token being sent to unauthorized servers. This vulnerability arose in commit 0d06e1578300327c212dda26a5ab31d09352b9d0, on January 25, 2023. Users who ran `wolfictl check update` commands with Melange configurations referencing non-github.com git repositories or used `wolfictl update <url>` with a remote URL outside of github.com, while having the `GITHUB_TOKEN` set, are at risk. To mitigate this issue, users should upgrade to version 0.16.10.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.