high severity
- Vulnerable module: flask
- Introduced through: flask@2.0.1
Detailed paths
- Introduced through: Patrowl/PatrowlEngines@Patrowl/PatrowlEngines#df967ba260377fccd185628176116d08c12d5978 › flask@2.0.1
  Remediation: Upgrade to flask@2.2.5.
Overview
Affected versions of this package are vulnerable to Information Exposure in the form of exposing the permanent session cookie, when all of the following conditions are met:
- The application is hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
- The application sets session.permanent = True.
- The application does not access or modify the session at any point during a request.
- SESSION_REFRESH_EACH_REQUEST is enabled (the default).
- The application does not set a Cache-Control header to indicate that a page is private or should not be cached.
A response containing data intended for one client may be cached and sent to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session cookie to other clients. Under these conditions, the Vary: Cookie header is not set when a session is refreshed (re-sent to update the expiration) without being accessed or modified.
Remediation
Upgrade flask to version 2.2.5, 2.3.2 or higher.
medium severity
- Vulnerable module: werkzeug
- Introduced through: werkzeug@2.2.3 and flask@2.0.1
Detailed paths
- Introduced through: Patrowl/PatrowlEngines@Patrowl/PatrowlEngines#df967ba260377fccd185628176116d08c12d5978 › werkzeug@2.2.3
  Remediation: Upgrade to werkzeug@2.3.8.
- Introduced through: Patrowl/PatrowlEngines@Patrowl/PatrowlEngines#df967ba260377fccd185628176116d08c12d5978 › flask@2.0.1 › werkzeug@2.2.3
  Remediation: Upgrade to flask@2.0.1.
Overview
Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in multipart data parsing. An attacker can cause a denial of service and block worker processes from handling legitimate requests by sending crafted multipart data to an endpoint that will parse it, eventually exhausting or killing all available workers.
Exploiting this vulnerability is possible if the uploaded file starts with CR or LF and is followed by megabytes of data without these characters.
Remediation
Upgrade werkzeug to version 2.3.8, 3.0.1 or higher.