CVE-2023-50266

EPSS 0.11%
Veröffentlicht 15.12.2023 21:15:09
Zuletzt bearbeitet 21.11.2024 08:36:46
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Bazarr manages and downloads subtitles. In version 1.2.4, the proxy method in bazarr/bazarr/app/ui.py does not validate the user-controlled protocol and url variables and passes them to requests.get() without any sanitization, which leads to a blind server-side request forgery (SSRF). This issue allows for crafting GET requests to internal and external resources on behalf of the server. 1.3.1 contains a partial fix, which limits the vulnerability to HTTP/HTTPS protocols.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bazarr ≫ Bazarr Version1.2.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.305

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
security-advisories@github.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://github.com/morpheus65535/bazarr/commit/17add7fbb3ae1919a40d505470d499d46df9ae6b

Patch

https://github.com/morpheus65535/bazarr/releases/tag/v1.3.1

Release Notes

https://securitylab.github.com/advisories/GHSL-2023-192_GHSL-2023-194_bazarr/

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-50266

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-50266

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-50266

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-50266