Search

Find a vulnerability

Search criteria

    Related vulnerabilities

    PYSEC-2021-96

    Vulnerability from pysec - Published: 2021-06-11 00:15 - Updated: 2021-06-15 05:47
    VLAI
    Details

    This affects the package Flask-Unchained before 0.9.0. When using the the _validate_redirect_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behaviour of Werkzeug is modified using 'autocorrect_location_header=False.

    Impacted products
    Name purl
    flask-unchained pkg:pypi/flask-unchained

    {
      "affected": [
        {
          "package": {
            "ecosystem": "PyPI",
            "name": "flask-unchained",
            "purl": "pkg:pypi/flask-unchained"
          },
          "ranges": [
            {
              "events": [
                {
                  "introduced": "0"
                },
                {
                  "fixed": "71e36b28166f9ffbe0a991f51127f0984f7e6a40"
                }
              ],
              "repo": "https://github.com/briancappello/flask-unchained",
              "type": "GIT"
            },
            {
              "events": [
                {
                  "introduced": "0"
                },
                {
                  "fixed": "0.9.0"
                }
              ],
              "type": "ECOSYSTEM"
            }
          ],
          "versions": [
            "0.1.2",
            "0.1.3",
            "0.1.4",
            "0.1.5",
            "0.1.6",
            "0.2.0",
            "0.2.1",
            "0.2.2",
            "0.3.0",
            "0.3.1",
            "0.3.2",
            "0.4.0",
            "0.4.1",
            "0.4.2",
            "0.5.0",
            "0.5.1",
            "0.6.0",
            "0.6.1",
            "0.6.2",
            "0.6.3",
            "0.6.4",
            "0.6.5",
            "0.6.6",
            "0.7.0",
            "0.7.1",
            "0.7.2",
            "0.7.3",
            "0.7.4",
            "0.7.5",
            "0.7.6",
            "0.7.7",
            "0.7.8",
            "0.7.9",
            "0.8.0",
            "0.8.1"
          ]
        }
      ],
      "aliases": [
        "CVE-2021-23393",
        "SNYK-PYTHON-FLASKUNCHAINED-1293189",
        "GHSA-pjc4-3w99-j7v4"
      ],
      "details": "This affects the package Flask-Unchained before 0.9.0. When using the the _validate_redirect_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\\\\evil.com/path. This vulnerability is only exploitable if an alternative WSGI server other than Werkzeug is used, or the default behaviour of Werkzeug is modified using \u0027autocorrect_location_header=False.",
      "id": "PYSEC-2021-96",
      "modified": "2021-06-15T05:47:49.199835Z",
      "published": "2021-06-11T00:15:00Z",
      "references": [
        {
          "type": "ADVISORY",
          "url": "https://snyk.io/vuln/SNYK-PYTHON-FLASKUNCHAINED-1293189"
        },
        {
          "type": "FIX",
          "url": "https://github.com/briancappello/flask-unchained/commit/71e36b28166f9ffbe0a991f51127f0984f7e6a40"
        },
        {
          "type": "ADVISORY",
          "url": "https://github.com/advisories/GHSA-pjc4-3w99-j7v4"
        }
      ]
    }