| Title | Redash <25.1.0 Sandbox Issue |
|---|---|
| Description | Redash is a popular open-source platform for visualizing and querying data. It uses RestrictedPython as its sandbox environment to securely execute Python queries. In its documentation, Redash claims their default 25 builtin functions are considered safe. However, Redash insecurely restores access to the getattr builtin function, which was supposed to be overwritten by the secure version, safer_getattr, implemented in RestrictedPython. This leads to sandbox escape without any extra module importation needed. |
| Source | https://gist.github.com/superboy-zjc/1f89d375e2408ed843dc2cf0bb1bb894 |
| User | Gavin Zhong (UID 84092) |
| Submitted | 18/05/2025 18:13 (11 months ago) |
| Moderated | 08/06/2025 19:53 (21 days later) |
| Status | accepted |
| VulDB Entry | 311633 [Redash up to 10.1.0/25.1.0 getattr /query_runner/python.py run_query privilege escalation] |
| Points | 20 |