Open porcupineyhairs opened 1 week ago
Your submission is now in status Results analysis.
For information, the evaluation workflow is the following: Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed
Your submission is now in status Query review.
Query PR
https://github.com/github/codeql/pull/16814
Language
Python
CVE(s) ID list
https://github.com/advisories/GHSA-824x-jcxf-hpfg CVE-2022-3457
CWE
CWE-346
Report
This PR adds a query to detect a Cross Origin Resource Sharing (CORS) policy bypass due to an incorrect check.
This PR attempts to detect the vulnerability pattern found in CVE-2022-3457.
In this case, a value obtained from a header is compared using a `startswith` call. This comparison is easily bypassed, resulting in a CORS bypass. Given that similar bugs have been found in other languages as well, I think this PR would be a great addition to the existing Python query pack.
The databases for CVE-2022-3457 can be downloaded from
Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).
Blog post link
No response
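The check pattern described in the report above, next to a hardened form, as an added example that is not code from the PR, the CodeQL query, or the affected project. The allowlist, function names and sample `Origin` values are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption); not taken from the affected project.
ALLOWED_ORIGINS = frozenset({"https://app.example.com", "https://admin.example.com:8443"})
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_allowed_prefix(origin):
    """Weak pattern from the report: header value checked with startswith."""
    return any(origin.startswith(allowed) for allowed in ALLOWED_ORIGINS)


def normalize_origin(origin):
    """Return canonical scheme://host[:port], or None if not a bare web origin."""
    try:
        parts = urlsplit(origin)
        port = parts.port  # raises ValueError on a non-numeric or out-of-range port
    except ValueError:
        return None
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    # An Origin header carries no userinfo, path, query or fragment.
    if parts.username is not None or parts.password is not None:
        return None
    if parts.path or parts.query or parts.fragment:
        return None
    base = f"{parts.scheme}://{parts.hostname}"
    return base if port in (None, DEFAULT_PORTS[parts.scheme]) else f"{base}:{port}"


def origin_allowed_exact(origin):
    """Hardened check: exact membership of the normalized origin in the allowlist."""
    return normalize_origin(origin) in ALLOWED_ORIGINS


# Constructed sample Origin header values.
SAMPLES = [
    "https://app.example.com",
    "https://app.example.com:443",
    "https://app.example.com.other.test",
    "https://app.example.com@other.test",
    "https://admin.example.com:84430",
    "null",
]


def disagreements(samples=SAMPLES):
    """Origins the prefix check accepts but the exact check rejects."""
    return [o for o in samples if origin_allowed_prefix(o) and not origin_allowed_exact(o)]
```
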