CVE-2023-33175 – toui
Package
Manager: pip
Name: toui
Vulnerable Version: >=2.0.1 <2.4.1
Severity
Level: Critical
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS: 0.00472 (percentile 0.63696)
Details
toui allows user-specific variables to be shared between users

### Impact
Websites that use the `Website.user_vars` property in the affected versions.

### Patches
Versions v2.0.1 through v2.4.0 are affected. Please upgrade to v2.4.1.

### Workarounds
Do not use `Website.user_vars` in websites running versions v2.0.1 to v2.4.0. Also, do not use `Website.signin_user()` in version v2.4.0 only.

### Explanation
ToUI uses Flask-Caching (SimpleCache) to store user variables. My misunderstanding was that these caches are stored in the client's browser, but it seems that they are stored on the server side.
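The root cause described in the Explanation is that an in-process cache such as Flask-Caching's SimpleCache is one dictionary shared by every request the server process handles, so "user variables" written under a key that is not scoped to the client are visible to every other client. The following is an added example written for this page, not ToUI's code and not the v2.4.1 patch: it reproduces the leak with a stand-in cache class (`InProcessCache`, mimicking SimpleCache's get/set) and, going one step beyond the advisory, shows the general fix of scoping the cache key by a per-client session id. The key names, user names, session ids and request object are constructed for the demo.

```python
"""
Added example (not ToUI's code): why a process-wide SimpleCache leaks
"user-specific" variables between users, and the per-session fix.

ToUI itself is not imported; InProcessCache below stands in for
Flask-Caching's SimpleCache (an in-memory dict living in the server process),
and the key names, user names and session ids are constructed for the demo.
"""
from __future__ import annotations

import secrets
from typing import Any, Optional


class InProcessCache:
    """Minimal stand-in for a server-side in-memory cache: one dict per
    server process, shared by every request that process handles."""

    def __init__(self) -> None:
        self._store: dict[str, Any] = {}

    def get(self, key: str) -> Optional[Any]:
        return self._store.get(key)

    def set(self, key: str, value: Any) -> None:
        self._store[key] = value


class Request:
    """Constructed stand-in for an HTTP request. The only per-client fact the
    server can rely on is the session id carried in the client's cookie."""

    def __init__(self, session_id: str) -> None:
        self.session_id = session_id


# --- vulnerable pattern -------------------------------------------------
# The cache belongs to the server process, not to the client. Storing "user
# vars" under a fixed key means every request reads and writes the same dict.
VULN_KEY = "user_vars"  # assumed key name, chosen for the demo


def vulnerable_get_user_vars(cache: InProcessCache, req: Request) -> dict:
    vars_ = cache.get(VULN_KEY)
    if vars_ is None:
        vars_ = {}
        cache.set(VULN_KEY, vars_)
    return vars_


# --- fixed pattern ------------------------------------------------------
# Scope the cache key by something the server asserts per client (here the
# session id) so one client can never be handed another client's entry.
def fixed_get_user_vars(cache: InProcessCache, req: Request) -> dict:
    key = f"user_vars:{req.session_id}"
    vars_ = cache.get(key)
    if vars_ is None:
        vars_ = {}
        cache.set(key, vars_)
    return vars_


def simulate(get_user_vars) -> tuple[dict, dict]:
    """Two different clients hit the same server process in turn.
    Returns copies of what Alice and then Bob see as "their" variables."""
    cache = InProcessCache()  # one cache for the whole process, as with SimpleCache
    alice = Request(session_id=secrets.token_hex(8))
    bob = Request(session_id=secrets.token_hex(8))

    # Alice signs in and the app records something private in her user vars.
    alice_vars = get_user_vars(cache, alice)
    alice_vars["username"] = "alice"
    alice_vars["is_admin"] = True

    # Bob, a different browser and session, asks for his user vars.
    bob_vars = get_user_vars(cache, bob)
    return dict(alice_vars), dict(bob_vars)


def bob_sees_alice(get_user_vars) -> bool:
    """True if Bob's view of "his" variables contains Alice's data."""
    _, bob_vars = simulate(get_user_vars)
    return bob_vars.get("username") == "alice"


if __name__ == "__main__":
    print("vulnerable: Bob sees Alice's vars ->", bob_sees_alice(vulnerable_get_user_vars))
    print("fixed:      Bob sees Alice's vars ->", bob_sees_alice(fixed_get_user_vars))
```

The same two-session check is how to confirm a deployed ToUI site is no longer affected: sign in as one user in one browser, then read user variables from a second, unauthenticated browser session. Note that even the scoped variant above keeps the data in the server process, so in a multi-worker deployment each worker has its own cache; a per-session key removes the cross-user leak but does not make the store client-side, which is the misunderstanding the advisory describes.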
Metadata
Created: 2023-05-24T17:38:52Z
Modified: 2023-05-30T06:41:13Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-hh7j-pg39-q563/GHSA-hh7j-pg39-q563.json
CWE IDs: ["CWE-913", "CWE-914"]
Alternative ID: GHSA-hh7j-pg39-q563
Finding: F039
Auto approve: 1