Vulnerabilities: 2 via 3 paths

Dependencies: 18

Source: GitHub

Commit: df967ba2


high severity

Information Exposure

  • Vulnerable module: flask
  • Introduced through: flask@2.0.1

Detailed paths

  • Introduced through: Patrowl/PatrowlEngines@Patrowl/PatrowlEngines#df967ba260377fccd185628176116d08c12d5978 flask@2.0.1
    Remediation: Upgrade to flask@2.2.5.

Overview

Affected versions of this package are vulnerable to Information Exposure in the form of exposing the permanent session cookie, when all of the following conditions are met:

  1. The application is hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.

  2. The application sets session.permanent = True.

  3. The application does not access or modify the session at any point during a request.

  4. SESSION_REFRESH_EACH_REQUEST is enabled (the default).

  5. The application does not set a Cache-Control header to indicate that a page is private or should not be cached.

A response containing data intended for one client may be cached and sent to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session cookie to other clients. Under these conditions, the Vary: Cookie header is not set when a session is refreshed (re-sent to update the expiration) without being accessed or modified.

Remediation

Upgrade flask to version 2.2.5, 2.3.2 or higher.

medium severity

Inefficient Algorithmic Complexity

  • Vulnerable module: werkzeug
  • Introduced through: werkzeug@2.2.3 and flask@2.0.1

Detailed paths

  • Introduced through: Patrowl/PatrowlEngines@Patrowl/PatrowlEngines#df967ba260377fccd185628176116d08c12d5978 werkzeug@2.2.3
    Remediation: Upgrade to werkzeug@2.3.8.
  • Introduced through: Patrowl/PatrowlEngines@Patrowl/PatrowlEngines#df967ba260377fccd185628176116d08c12d5978 flask@2.0.1 werkzeug@2.2.3
    Remediation: Upgrade to flask@2.0.1.

Overview

Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in multipart data parsing. An attacker can cause a denial of service and block worker processes from handling legitimate requests by sending crafted multipart data to an endpoint that will parse it, eventually exhausting or killing all available workers.

Exploiting this vulnerability is possible if the uploaded file starts with CR or LF and is followed by megabytes of data without these characters.

Remediation

Upgrade werkzeug to version 2.3.8, 3.0.1 or higher.
