SFTY-20230823-06198 / CVE-2023-41105 — Safety Vulnerability Database

Overview

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x. https://github.com/python/cpython/issues/106242 https://github.com/advisories/GHSA-65fx-pmw6-rcfm

Advisory

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x. https://github.com/python/cpython/issues/106242 https://github.com/advisories/GHSA-65fx-pmw6-rcfm

Affected Package

Affecting python package, versions

>=3.11.0a1,<3.11.4

Also affects

---

How to Fix

Upgrade

python

to

3.11.4

or higher.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more