CVE-2022-29180

Name of the Vulnerable Software and Affected Versions charm versions prior to 0.12.1

Description A vulnerability allows attackers to forge HTTP requests to manipulate the charm data directory, potentially accessing or deleting anything on the server. Encrypted user data uploaded to the Charm server is safe, as Charm servers cannot decrypt user data. This includes filenames, paths, and all key-value data. Users running the official Charm Docker images are at minimal risk because the exploit is limited to the containerized filesystem. The vulnerability was found in-house, and there have been no notifications of potential exploiters.

Recommendations For versions prior to 0.12.1, update to release 0.12.1 immediately to patch the vulnerability. As a temporary workaround, consider restricting access to the charm data directory until the update is applied. Users running self-hosted charm instances should prioritize this update.