GHSA-7r87-cj48-wj45
Suggest an improvement- Source
- https://github.com/advisories/GHSA-7r87-cj48-wj45
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-7r87-cj48-wj45/GHSA-7r87-cj48-wj45.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-7r87-cj48-wj45
- Aliases
- Related
- Published
- 2022-04-26T21:19:52Z
- Modified
- 2024-09-20T21:25:20.021255Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Potential Captcha Validate Bypass in flask-session-captcha
- Details
-
Impact
flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session.
The
captcha.validate()function would returnNoneif passed no value (e.g. by submitting a request with an empty form).If implementing users were checking the return value to be False, the captcha verification check could be bypassed.
Sample vulnerable code:
if captcha.validate() == False: ... # abort else: ... # do stuffPatches
A new version (1.2.1) is available that fixes the issue.
Workarounds
Users can workaround the issue by not explicitly checking that the value is False.
Checking the return value less explicitly should still work.
if not captcha.validate(): ... # abort else: ... # do stuffif captcha.validate(): ... # do stuff else: ... # abortReferences
https://github.com/Tethik/flask-session-captcha/pull/27
For more information
If you have any questions or comments about this advisory: * Open an issue in the github repo
- Database specific
{ "nvd_published_at": "2022-04-25T22:15:00Z", "cwe_ids": [ "CWE-253", "CWE-394", "CWE-754" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2022-04-26T21:19:52Z" }- References
-
- https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45
- https://nvd.nist.gov/vuln/detail/CVE-2022-24880
- https://github.com/Tethik/flask-session-captcha/pull/27
- https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4
- https://github.com/Tethik/flask-session-captcha
- https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1
- https://github.com/pypa/advisory-database/tree/main/vulns/flask-session-captcha/PYSEC-2022-193.yaml
Affected packages
PyPI / flask-session-captcha
Package
- Name
- flask-session-captcha
- View open source insights on deps.dev
- Purl
- pkg:pypi/flask-session-captcha