Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-yapt-ka6b-f3ba
SummaryFlarum is an open source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server, even with a basic user account on any Flarum forum. By uploading a file containing a URL and spoofing the MIME type, an attacker can manipulate the application to execute unintended actions. The vulnerability is due to the behavior of the `intervention/image` package, which attempts to interpret the supplied file contents as a URL, which then fetches its contents. This allows an attacker to exploit the vulnerability to perform SSRF attacks, disclose local file contents, or conduct a blind oracle attack. This has been patched in Flarum version 1.8.0. Users are advised to upgrade. Users unable to upgrade may disable PHP's `allow_url_fopen` which will prevent the fetching of external files via URLs as a temporary workaround for the SSRF aspect of the vulnerability.
Aliases
0
alias CVE-2023-40033
1
alias GHSA-67c6-q4j4-hccg
Fixed_packages
0
url pkg:composer/flarum/core@1.8.0
purl pkg:composer/flarum/core@1.8.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/flarum/core@1.8.0
1
url pkg:composer/flarum/flarum@1.8.0
purl pkg:composer/flarum/flarum@1.8.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/flarum/flarum@1.8.0
2
url pkg:composer/flarum/framework@1.8.0
purl pkg:composer/flarum/framework@1.8.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/flarum/framework@1.8.0
Affected_packages
References
0
reference_url https://github.com/flarum/framework/commit/d1059c1cc79fe61f9538f3da55e8f42abbede570
reference_id
reference_type
scores
url https://github.com/flarum/framework/commit/d1059c1cc79fe61f9538f3da55e8f42abbede570
1
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-40033
reference_id CVE-2023-40033
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-40033
2
reference_url https://github.com/advisories/GHSA-67c6-q4j4-hccg
reference_id GHSA-67c6-q4j4-hccg
reference_type
scores
url https://github.com/advisories/GHSA-67c6-q4j4-hccg
3
reference_url https://github.com/flarum/framework/security/advisories/GHSA-67c6-q4j4-hccg
reference_id GHSA-67c6-q4j4-hccg
reference_type
scores
url https://github.com/flarum/framework/security/advisories/GHSA-67c6-q4j4-hccg
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 918
name Server-Side Request Forgery (SSRF)
description The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-yapt-ka6b-f3ba