Impact
What kind of vulnerability is it? Who is impacted?
This vulnerability is a data vulnerability, as it allows somewhere within code for users to submit paths to have the deletion of any file. Any user running commit 3fa8bbf, 1bda8d1, 12a9590, 428b361, 34fb194, b521636, ef3583e, or f5efa6a are vulnerable.
Patches
Has the problem been patched? What versions should users upgrade to?
The problem has not been patched as of yet. A fix is expected in the next commit. As of commit 1eb1e54, the issue has been patched. Any downloads of iTunesRPC-Remastered source before this commit should download the latest source ASAP.
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
Manual modification of source code can be efficient in remedying this issue. To fix this, you must:
- import secure_filename from werkzeug.utils
- Wrap line(s) 129
remove(filename) in secure_filename to change the line to remove(secure_filename(filename))
CWEs
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23: Relative Path Traversal
CWE-36: Absolute Path Traversal
CWE-73: External Control of File Name or Path
CWE-99: Improper Control of Resource Identifiers ('Resource Injection')
References
Learn more about Path Traversal via OWASP
CWE-22
CWE-23
CWE-36
CWE-73
CWE-99
For more information
If you have any questions or comments about this advisory:
Impact
What kind of vulnerability is it? Who is impacted?
This vulnerability is a data vulnerability, as it allows somewhere within code for users to submit paths to have the deletion of any file. Any user running commit 3fa8bbf, 1bda8d1, 12a9590, 428b361, 34fb194, b521636, ef3583e, or f5efa6a are vulnerable.
Patches
Has the problem been patched? What versions should users upgrade to?
The problem has not been patched as of yet. A fix is expected in the next commit.As of commit 1eb1e54, the issue has been patched. Any downloads of iTunesRPC-Remastered source before this commit should download the latest source ASAP.Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?
Manual modification of source code can be efficient in remedying this issue. To fix this, you must:
remove(filename)in secure_filename to change the line toremove(secure_filename(filename))CWEs
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23: Relative Path Traversal
CWE-36: Absolute Path Traversal
CWE-73: External Control of File Name or Path
CWE-99: Improper Control of Resource Identifiers ('Resource Injection')
References
Learn more about Path Traversal via OWASP
CWE-22
CWE-23
CWE-36
CWE-73
CWE-99
For more information
If you have any questions or comments about this advisory: