CVE-2023-40274

Name of the Vulnerable Software and Affected Versions zola versions 0.13.0 through 0.17.2

Description An issue was discovered in the custom implementation of a web server, available via the "zola serve" command, which allows directory traversal. The handle request function, used by the server to process HTTP requests, does not account for sequences of special path control characters (../) in the URL when serving a file, allowing one to escape the webroot of the server and read arbitrary files from the filesystem.

Recommendations For zola versions 0.13.0 through 0.17.2, consider disabling the handle request function or restricting access to the web server until a patch is available. As a temporary workaround, avoid using the "zola serve" command to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.