CVE-2022-24880: Potential Captcha Validate Bypass in flask-session-captcha
flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session.
The `captcha.validate()` function would return `None` if passed no value (e.g. by submitting a request with an empty form).
If implementing users were checking the return value to be `False`, the captcha verification check could be bypassed.
Sample vulnerable code:

```python
if captcha.validate() == False:
    ... # abort
else:
    ... # do stuff
```
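The following is an added example, not code from the flask-session-captcha project: a small stand-in validator that models the affected behaviour described above (`None` for a missing value, `False` for a wrong answer, `True` for a match), with the advisory's `== False` check beside a check that only accepts an explicit `True`. The `session` and `form` dicts are constructed stand-ins for Flask's objects.

```python
# Added example; models the pre-fix behaviour described in the advisory.
# The session/form dicts and the "captcha"/"captcha_answer" keys are assumptions.

def _validate_pre_fix(session, form):
    """Stand-in for the affected validate(): returns None when no value was sent."""
    value = form.get("captcha")
    if not value:
        return None  # the defect: neither True nor False
    answer = session.pop("captcha_answer", None)  # one-time use of the answer
    return answer is not None and value == answer


def vulnerable_check(session, form):
    """The pattern from the advisory: only an explicit False aborts."""
    if _validate_pre_fix(session, form) == False:  # noqa: E712 (kept as on the page)
        return "abort"
    return "do stuff"  # reached for True *and* for None


def hardened_check(session, form):
    """Require an explicit True; None and False both abort."""
    if _validate_pre_fix(session, form) is not True:
        return "abort"
    return "do stuff"


def compare(answer="4k7q"):
    """Run both checks over a correct, a wrong and an empty submission."""
    cases = {"correct": {"captcha": answer}, "wrong": {"captcha": "zzzz"}, "empty": {}}
    return {
        label: (
            vulnerable_check({"captcha_answer": answer}, form),
            hardened_check({"captcha_answer": answer}, form),
        )
        for label, form in cases.items()
    }
```

`compare()` shows that only the empty submission differs between the two checks: the vulnerable pattern lets it through, the hardened one aborts.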
References
- github.com/Tethik/flask-session-captcha
- github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4
- github.com/Tethik/flask-session-captcha/pull/27
- github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1
- github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45
- github.com/advisories/GHSA-7r87-cj48-wj45
- github.com/pypa/advisory-database/tree/main/vulns/flask-session-captcha/PYSEC-2022-193.yaml
- nvd.nist.gov/vuln/detail/CVE-2022-24880