Vulnerability-Lookup

CVE-2022-24880 (GCVE-0-2022-24880)

Vulnerability from cvelistv5 – Published: 2022-04-25 22:10 – Updated: 2025-04-23 18:32

Title

Potential Captcha Validate Bypass in flask-session-captcha

Summary

flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-253 - Incorrect Check of Function Return Value
CWE-394 - Unexpected Status Code or Return Value
CWE-754 - Improper Check for Unusual or Exceptional Conditions

Assigner

GitHub_M

References

URL

Tags

	https://github.com/Tethik/flask-session-captcha/s…	x_refsource_CONFIRM
	https://github.com/Tethik/flask-session-captcha/pull/27	x_refsource_MISC
	https://github.com/Tethik/flask-session-captcha/c…	x_refsource_MISC
	https://github.com/Tethik/flask-session-captcha/r…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Tethik	flask-session-captcha	Affected: < 1.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:29:00.717Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-24880",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:55:15.375455Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T18:32:31.559Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "flask-session-captcha",
          "vendor": "Tethik",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-253",
              "description": "CWE-253: Incorrect Check of Function Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-394",
              "description": "CWE-394: Unexpected Status Code or Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-25T22:10:13.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
        }
      ],
      "source": {
        "advisory": "GHSA-7r87-cj48-wj45",
        "discovery": "UNKNOWN"
      },
      "title": "Potential Captcha Validate Bypass in flask-session-captcha",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-24880",
          "STATE": "PUBLIC",
          "TITLE": "Potential Captcha Validate Bypass in flask-session-captcha"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "flask-session-captcha",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 1.2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Tethik"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-253: Incorrect Check of Function Return Value"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-394: Unexpected Status Code or Return Value"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45",
              "refsource": "CONFIRM",
              "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
            },
            {
              "name": "https://github.com/Tethik/flask-session-captcha/pull/27",
              "refsource": "MISC",
              "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
            },
            {
              "name": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4",
              "refsource": "MISC",
              "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
            },
            {
              "name": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1",
              "refsource": "MISC",
              "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-7r87-cj48-wj45",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-24880",
    "datePublished": "2022-04-25T22:10:13.000Z",
    "dateReserved": "2022-02-10T00:00:00.000Z",
    "dateUpdated": "2025-04-23T18:32:31.559Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/pull/27\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T04:29:00.717Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-24880\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T15:55:15.375455Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T15:55:17.566Z\"}}], \"cna\": {\"title\": \"Potential Captcha Validate Bypass in flask-session-captcha\", \"source\": {\"advisory\": \"GHSA-7r87-cj48-wj45\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Tethik\", \"product\": \"flask-session-captcha\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.2.1\"}]}], \"references\": [{\"url\": \"https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/pull/27\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-253\", \"description\": \"CWE-253: Incorrect Check of Function Return Value\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-394\", \"description\": \"CWE-394: Unexpected Status Code or Return Value\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-754\", \"description\": \"CWE-754: Improper Check for Unusual or Exceptional Conditions\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-04-25T22:10:13.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, \"source\": {\"advisory\": \"GHSA-7r87-cj48-wj45\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"\u003c 1.2.1\"}]}, \"product_name\": \"flask-session-captcha\"}]}, \"vendor_name\": \"Tethik\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45\", \"name\": \"https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/pull/27\", \"name\": \"https://github.com/Tethik/flask-session-captcha/pull/27\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4\", \"name\": \"https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1\", \"name\": \"https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-253: Incorrect Check of Function Return Value\"}]}, {\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-394: Unexpected Status Code or Return Value\"}]}, {\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-754: Improper Check for Unusual or Exceptional Conditions\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-24880\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Potential Captcha Validate Bypass in flask-session-captcha\", \"ASSIGNER\": \"security-advisories@github.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-24880\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T18:32:31.559Z\", \"dateReserved\": \"2022-02-10T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-04-25T22:10:13.000Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

PYSEC-2022-193

Vulnerability from pysec - Published: 2022-04-25 22:15 - Updated: 2022-05-17 23:28

Details

flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he captcha.validate() function would return None if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be False, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.

Impacted products

Name	purl
flask-session-captcha	pkg:pypi/flask-session-captcha

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "flask-session-captcha",
        "purl": "pkg:pypi/flask-session-captcha"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2811ae23a38d33b620fb7a07de8837c6d65c13e4"
            }
          ],
          "repo": "https://github.com/Tethik/flask-session-captcha",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.0.0",
        "1.0.1",
        "1.0.2",
        "1.0.3",
        "1.1.0",
        "1.2.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24880",
    "GHSA-7r87-cj48-wj45"
  ],
  "details": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.",
  "id": "PYSEC-2022-193",
  "modified": "2022-05-17T23:28:25.264091Z",
  "published": "2022-04-25T22:15:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
    },
    {
      "type": "FIX",
      "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
    }
  ]
}

GSD-2022-24880

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-24880

Aliases

CVE-2022-24880

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-24880",
    "description": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.",
    "id": "GSD-2022-24880"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-24880"
      ],
      "details": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.",
      "id": "GSD-2022-24880",
      "modified": "2023-12-13T01:19:43.475210Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-24880",
        "STATE": "PUBLIC",
        "TITLE": "Potential Captcha Validate Bypass in flask-session-captcha"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "flask-session-captcha",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 1.2.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Tethik"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-253: Incorrect Check of Function Return Value"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-394: Unexpected Status Code or Return Value"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45",
            "refsource": "CONFIRM",
            "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
          },
          {
            "name": "https://github.com/Tethik/flask-session-captcha/pull/27",
            "refsource": "MISC",
            "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
          },
          {
            "name": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4",
            "refsource": "MISC",
            "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
          },
          {
            "name": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1",
            "refsource": "MISC",
            "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-7r87-cj48-wj45",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.2.1",
          "affected_versions": "All versions before 1.2.1",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2022-04-27",
          "description": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, the `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work.",
          "fixed_versions": [
            "1.2.1"
          ],
          "identifier": "CVE-2022-24880",
          "identifiers": [
            "GHSA-7r87-cj48-wj45",
            "CVE-2022-24880"
          ],
          "not_impacted": "All versions starting from 1.2.1",
          "package_slug": "pypi/flask-session-captcha",
          "pubdate": "2022-04-26",
          "solution": "Upgrade to version 1.2.1 or above.",
          "title": "Potential Captcha Validate Bypass in flask-session-captcha",
          "urls": [
            "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45",
            "https://github.com/Tethik/flask-session-captcha/pull/27",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-24880",
            "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4",
            "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1",
            "https://github.com/advisories/GHSA-7r87-cj48-wj45"
          ],
          "uuid": "b1047745-4a76-4d0e-9fa8-8fd862599a85"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:flask-session-captcha_project:flask-session-captcha:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.2.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-24880"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-754"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Third Party Advisory"
              ],
              "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
            },
            {
              "name": "https://github.com/Tethik/flask-session-captcha/pull/27",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
            },
            {
              "name": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
            },
            {
              "name": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2022-05-05T18:20Z",
      "publishedDate": "2022-04-25T22:15Z"
    }
  }
}

GHSA-7R87-CJ48-WJ45

Vulnerability from github – Published: 2022-04-26 21:19 – Updated: 2024-09-20 21:03

Summary

Potential Captcha Validate Bypass in flask-session-captcha

Details

Impact

flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session.

The captcha.validate() function would return None if passed no value (e.g. by submitting a request with an empty form).

If implementing users were checking the return value to be False, the captcha verification check could be bypassed.

Sample vulnerable code:

if captcha.validate() == False:
    ... # abort
else:
   ... # do stuff

Patches

A new version (1.2.1) is available that fixes the issue.

Workarounds

Users can workaround the issue by not explicitly checking that the value is False.

Checking the return value less explicitly should still work.

if not captcha.validate():
    ... # abort
else:
   ... # do stuff

if captcha.validate():
    ... # do stuff
else:
   ... # abort

References

https://github.com/Tethik/flask-session-captcha/pull/27

For more information

If you have any questions or comments about this advisory: * Open an issue in the github repo

Severity ?

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

6.9 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "flask-session-captcha"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-24880"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-253",
      "CWE-394",
      "CWE-754"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-04-26T21:19:52Z",
    "nvd_published_at": "2022-04-25T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nflask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session.\n\nThe `captcha.validate()` function would return `None` if passed no value (e.g. by submitting a request with an empty form).\n\nIf implementing users were checking the return value to be **False**, the captcha verification check could be bypassed.\n\nSample vulnerable code:\n```python\nif captcha.validate() == False:\n    ... # abort\nelse:\n   ... # do stuff\n```\n\n### Patches\nA new version (1.2.1) is available that fixes the issue.\n\n### Workarounds\nUsers can workaround the issue by not explicitly checking that the value is False. \n\nChecking the return value less explicitly should still work. \n\n```python\nif not captcha.validate():\n    ... # abort\nelse:\n   ... # do stuff\n```\n\n```python\nif captcha.validate():\n    ... # do stuff\nelse:\n   ... # abort\n```\n\n### References\nhttps://github.com/Tethik/flask-session-captcha/pull/27\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [the github repo](https://github.com/Tethik/flask-session-captcha)\n",
  "id": "GHSA-7r87-cj48-wj45",
  "modified": "2024-09-20T21:03:06Z",
  "published": "2022-04-26T21:19:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24880"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/Tethik/flask-session-captcha"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/flask-session-captcha/PYSEC-2022-193.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Potential Captcha Validate Bypass in flask-session-captcha"
}

FKIE_CVE-2022-24880

Vulnerability from fkie_nvd - Published: 2022-04-25 22:15 - Updated: 2024-11-21 06:51

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/Tethik/flask-session-captcha/pull/27	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1	Release Notes, Third Party Advisory
security-advisories@github.com	https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Tethik/flask-session-captcha/pull/27	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1	Release Notes, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45	Third Party Advisory

Impacted products

	Vendor	Product	Version
	flask-session-captcha_project	flask-session-captcha	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:flask-session-captcha_project:flask-session-captcha:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD99903-1464-46F1-8437-BDE027792C34",
              "versionEndExcluding": "1.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he `captcha.validate()` function would return `None` if passed no value (e.g. by submitting an having an empty form). If implementing users were checking the return value to be **False**, the captcha verification check could be bypassed. Version 1.2.1 fixes the issue. Users can workaround the issue by not explicitly checking that the value is False. Checking the return value less explicitly should still work."
    },
    {
      "lang": "es",
      "value": "flask-session-captcha es un paquete que permite a usuarios ampliar Flask al a\u00f1adir un captcha basado en una imagen almacenada en una sesi\u00f3n del lado del servidor. En versiones anteriores a 1.2.1, la funci\u00f3n \"captcha.validate()\" devolv\u00eda \"None\" si no le es pasado ning\u00fan valor (por ejemplo, al enviar un formulario vac\u00edo). Si usuarios implementadores comprobaban que el valor de retorno era **False**, la comprobaci\u00f3n del captcha pod\u00eda omitirse. La versi\u00f3n 1.2.1 corrige el problema. Los usuarios pueden mitigar el problema al no comprobar expl\u00edcitamente que el valor es False. Comprobar el valor de retorno de forma menos expl\u00edcita deber\u00eda seguir funcionando"
    }
  ],
  "id": "CVE-2022-24880",
  "lastModified": "2024-11-21T06:51:18.540",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-25T22:15:43.883",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/pull/27"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-253"
        },
        {
          "lang": "en",
          "value": "CWE-394"
        },
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-24880 (GCVE-0-2022-24880)

PYSEC-2022-193

GSD-2022-24880

GHSA-7R87-CJ48-WJ45

Impact

Patches

Workarounds

References

For more information

FKIE_CVE-2022-24880

Tags

Sightings

Nomenclature