GoogleOSV:GHSA-8X94-HMJH-97HQDjango vulnerable to Reflected File Download attack
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
74.4%
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
References
www.openwall.com/lists/oss-security/2022/08/03/1
docs.djangoproject.com/en/4.0/releases/security
github.com/django/django
github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80
github.com/django/django/commit/b7d9529cbe0af4adabb6ea5d01ed8dcce3668fb3
github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173
github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2022-245.yaml
groups.google.com/g/django-announce/c/8cz--gvaJr4
lists.fedoraproject.org/archives/list/[email protected]/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK
lists.fedoraproject.org/archives/list/[email protected]/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI
nvd.nist.gov/vuln/detail/CVE-2022-36359
security.netapp.com/advisory/ntap-20220915-0008
www.debian.org/security/2022/dsa-5254
www.djangoproject.com/weblog/2022/aug/03/security-releases
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.004 Low
EPSS
Percentile
74.4%