Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Vuln test #89

Closed
wants to merge 2 commits into from
Closed

Vuln test #89

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8a9cdce
Vulnerabilities test
RichardWhellum Dec 10, 2024
0b60724
Merge branch 'Redback-Operations:main' into main
RichardWhellum Dec 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion requirements.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,3 @@
bandit==1.7.5
bandit==1.7.5
flask==0.12.3 # Known critical vulnerabilities: CVE-2018-1000656

Check failure

Code scanning / Trivy

python-flask: unexpected memory usage can lead to denial of service via crafted encoded JSON data High

Package: flask
Installed Version: 0.12.3
Vulnerability CVE-2019-1010083
Severity: HIGH
Fixed Version: 1.0
Link: CVE-2019-1010083

Check failure

Code scanning / Trivy

flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header High

Package: flask
Installed Version: 0.12.3
Vulnerability CVE-2023-30861
Severity: HIGH
Fixed Version: 2.3.2, 2.2.5
Link: CVE-2023-30861
jinja2==2.7.2 # Known critical vulnerabilities: CVE-2019-10906

Check failure

Code scanning / Trivy

python-jinja2: Sandbox escape due to information disclosure via str.format High

Package: jinja2
Installed Version: 2.7.2
Vulnerability CVE-2016-10745
Severity: HIGH
Fixed Version: 2.8.1
Link: CVE-2016-10745

Check failure

Code scanning / Trivy

python-jinja2: str.format_map allows sandbox escape High

Package: jinja2
Installed Version: 2.7.2
Vulnerability CVE-2019-10906
Severity: HIGH
Fixed Version: 2.10.1
Link: CVE-2019-10906

Check warning

Code scanning / Trivy

python-jinja2: ReDoS vulnerability in the urlize filter Medium

Package: jinja2
Installed Version: 2.7.2
Vulnerability CVE-2020-28493
Severity: MEDIUM
Fixed Version: 2.11.3
Link: CVE-2020-28493

Check warning

Code scanning / Trivy

jinja2: HTML attribute injection when passing user input as keys to xmlattr filter Medium

Package: jinja2
Installed Version: 2.7.2
Vulnerability CVE-2024-22195
Severity: MEDIUM
Fixed Version: 3.1.3
Link: CVE-2024-22195

Check warning

Code scanning / Trivy

jinja2: accepts keys containing non-attribute characters Medium

Package: jinja2
Installed Version: 2.7.2
Vulnerability CVE-2024-34064
Severity: MEDIUM
Fixed Version: 3.1.4
Link: CVE-2024-34064
24 changes: 24 additions & 0 deletions test_vulnerability.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,25 @@
import os
from flask import Flask, request

app = Flask(__name__)

# Critical Vulnerability: Hardcoded Secret Key
SECRET_KEY = "123456"

@app.route("/exec", methods=["POST"])
def insecure_exec():
# Critical Vulnerability: Unsafe eval usage
command = request.form.get("command")
result = eval(command) # This is critically vulnerable to code injection
return f"Executed: {result}"

@app.route("/path", methods=["POST"])
def directory_traversal():
# Critical Vulnerability: Unsafe file access
filename = request.form.get("filename")
with open(filename, "r") as f:
return f.read()

if __name__ == "__main__":
app.run(host="0.0.0.0", port=5000)

Loading