CVE-2022-21687
MEDIUMgh-ost < 1.1.3 - Arbitrary File Read via Database Parameter
Title source: llmDescription
gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus network access from host running gh-ost to the attack's malicious MySQL server. The `-database` parameter does not properly sanitize user input which can lead to arbitrary file reads.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_confirm
https://github.com/github/gh-ost/security/advisories/GHSA-rrp4-2xx3-mv29
Patch, Third Party Advisory x_refsource_misc
https://github.com/github/gh-ost/commit/a91ab042de013cfd8fbb633763438932d9080d8f
Scores
CVSS v3
6.8
EPSS
0.0100
EPSS Percentile
58.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-20
Status
published
Products (2)
github/gh-ost
< 1.1.3
github/gh-ost
0 - 1.1.3Go
Published
Feb 01, 2022
Tracked Since
Feb 18, 2026