PT-2023-27762 · Unknown+1 · Accesscontrol+1
Dataflake
·
Publicado
2023-09-06
·
Atualizado
2023-09-13
·
CVE-2023-41050
CVSS v3.1
6.8
Média
| Vetor | AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
AccessControl versions prior to 4.4
AccessControl versions prior to 5.8
AccessControl versions prior to 6.2
Description
The issue arises from Python's "format" functionality, which allows someone controlling the format string to access objects via attribute access and subscription. This can lead to critical information disclosure because the attribute accesses and subscriptions use Python's full-blown
getattr and getitem, rather than the policy-restricted AccessControl variants getattr and getitem. AccessControl provides a safe variant for str.format and denies access to string.Formatter, but str.format map remains unsafe. Users who allow untrusted users to create and execute AccessControl controlled Python code are affected.Recommendations
For versions prior to 4.4, upgrade to version 4.4 or later.
For versions prior to 5.8, upgrade to version 5.8 or later.
For versions prior to 6.2, upgrade to version 6.2 or later.
As a temporary workaround, consider restricting access to
str.format map until a patch is available.Exploit
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Accesscontrol
Python