Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-42367

Good to know:

icon
icon

Date: August 9, 2024

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.2, static routes which contain files with compressed variants (`.gz` or `.br` extension) are vulnerable to path traversal outside the root directory if those variants are symbolic links. The server protects static routes from path traversal outside the root directory when `follow_symlinks=False` (default). It does this by resolving the requested URL to an absolute path and then checking that path relative to the root. However, these checks are not performed when looking for compressed variants in the `FileResponse` class, and symbolic links are then automatically followed when performing the `Path.stat()` and `Path.open()` to send the file. Version 3.10.2 contains a patch for the issue.

Language: Python

Severity Score

Related Resources (8)

https://github.com/aio-libs/aiohttp
https://github.com/aio-libs/aiohttp/blob/e0ff5246e1d29b7710ab1a2bbc972b48169f1c05/aiohttp/web_fileresponse.py#L177
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-jwhx-xcg6-8xhj
https://github.com/aio-libs/aiohttp/commit/ce2e9758814527589b10759a20783fb03b98339f
https://github.com/aio-libs/aiohttp/pull/8653
https://github.com/aio-libs/aiohttp/blob/e0ff5246e1d29b7710ab1a2bbc972b48169f1c05/aiohttp/web_urldispatcher.py#L674
https://nvd.nist.gov/vuln/detail/CVE-2024-42367
https://www.mend.io/vulnerability-database/CVE-2024-42367

Severity Score

Weakness Type (CWE)

UNIX Symbolic Link (Symlink) Following

CWE-61

Top Fix

icon

Upgrade Version

Upgrade to version aiohttp - 3.10.2

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE

Do you need more information?

Contact Us