[Python]: DOS through Decompression #777

Closed
1 of 2 tasks
am0o0 opened this issue Jul 31, 2023 · 6 comments
Assignees
Labels
All For One Submissions to the All for One, One for All bounty

Comments

@am0o0

am0o0 commented Jul 31, 2023

Query PR

github/codeql#13557

Language

Python

CVE(s) ID list

CWE

No response

Report

Extracting compressed files with any compression algorithm like gzip can cause denial of service attacks. Attackers can compress a huge file, created by repeating a similar byte, and convert it into a small compressed file.
Added modeling for multiple CLI third parties.
I've added the FileAndFormRemoteFlowSource module, which is related to all queries that need a file as their user-provided remote flow source. In this module I added support for the file and form of the FastAPI framework.
I tried my best to add as many sanitizers as possible. If you have another idea about sanitizers, I can write more sanitizers too.

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

  • Yes
  • No

Blog post link

No response
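The report above describes the decompression-bomb pattern (a tiny compressed upload that expands to a huge output). The following is an added example, not code from the issue or from CodeQL, contrasting the unbounded sink such a query reports with a bounded streaming decompress that can serve as a sanitizer; the sample inputs, the 1 MiB budget and all names are constructed for illustration.

```python
import io
import gzip
import zlib

# Constructed sample inputs (not taken from the issue): a small legitimate
# payload and a highly repetitive one that stands in for a decompression bomb.
LEGIT_GZ = gzip.compress(b"hello world\n" * 100)
BOMB_GZ = gzip.compress(b"\x00" * (8 * 1024 * 1024))  # 8 MiB of zeros -> a few KiB

MAX_OUTPUT = 1024 * 1024  # hypothetical 1 MiB output budget per request


class DecompressionLimitExceeded(ValueError):
    """Raised when the decompressed output would exceed the configured budget."""


def unsafe_decompress(data: bytes) -> bytes:
    """The sink pattern the query reports: the output size is controlled
    entirely by the caller-supplied input, so a tiny upload can exhaust memory."""
    return gzip.decompress(data)


def safe_decompress(data: bytes, max_output: int = MAX_OUTPUT,
                    chunk: int = 64 * 1024) -> bytes:
    """Streaming gzip decompress that aborts as soon as the output budget is hit.

    wbits=16+MAX_WBITS makes zlib accept the gzip wrapper. max_length caps the
    output of each call; input it could not process yet stays in unconsumed_tail,
    and output still buffered inside zlib is drained by further calls with b"".
    """
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)
    out = io.BytesIO()
    produced = 0
    pending = data
    while not d.eof:
        piece = d.decompress(pending, chunk)
        pending = d.unconsumed_tail
        if not piece and not pending:
            break  # input exhausted with no buffered output: truncated stream
        produced += len(piece)
        if produced > max_output:
            raise DecompressionLimitExceeded(
                f"decompressed output exceeded {max_output} bytes")
        out.write(piece)
    return out.getvalue()
```

Calling `safe_decompress(BOMB_GZ)` raises after roughly 1 MiB has been produced, while `unsafe_decompress(BOMB_GZ)` materialises the full 8 MiB from a few KiB of input.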

@am0o0 am0o0 added the All For One Submissions to the All for One, One for All bounty label Jul 31, 2023
@Kwstubbs Kwstubbs self-assigned this Sep 20, 2023
@Kwstubbs

Hello @amammad, do you have a database for CVE-2023-22898?

@ghsecuritylab
Collaborator

Your submission is now in status Test run.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

@ghsecuritylab
Collaborator

Your submission is now in status Query review.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

@ghsecuritylab
Collaborator

Your submission is now in status Final decision.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed

@xcorail
Contributor

xcorail commented Feb 15, 2024

Created HackerOne report 2375747 for bounty 551597: [777] [Python]: DOS through Decompression

@xcorail xcorail closed this as completed Feb 15, 2024
@ghsecuritylab
Collaborator

Your submission is now in status Closed.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed


4 participants