CVE-2023-32309 PoC — PyMdown Extensions 路径遍历漏洞

Source

https://github.com/itlabbet/CVE-2023-32309

Associated Vulnerability

Title:PyMdown Extensions 路径遍历漏洞 (CVE-2023-32309)
Description:PyMdown Extensions是Python Markdown 的扩展集合。 PyMdown Extensions存在路径遍历漏洞，该漏洞源于容易受到目录遍历攻击的影响，攻击者利用该漏洞可能会读取任意文件。

Description

Example project illustrating CVE-2023-32309 vulnerability

Readme

# CVE-2023-32309

File Snapshot


 [4.0K]  /data/pocs/48b2dbe1f5a82ac2ee25e59f5c937a8ce7a2b6d0
├── [4.0K]  bin
│   └── [4.0K]  scripts
│       └── [   0]  plantuml
├── [ 126]  catalog-info.yaml
├── [1.5K]  Dockerfile
├── [ 11K]  LICENSE
├── [4.0K]  mock-docs
│   ├── [4.0K]  docs
│   │   ├── [1.6K]  index.md
│   │   └── [ 273]  poc.md
│   ├── [ 285]  mkdocs.yml
│   ├── [4.0K]  plugins
│   │   ├── [4.0K]  plugin-a
│   │   │   ├── [4.0K]  docs
│   │   │   │   └── [ 140]  index.md
│   │   │   └── [  97]  mkdocs.yml
│   │   └── [4.0K]  plugin-b
│   │       ├── [4.0K]  docs
│   │       │   └── [ 140]  index.md
│   │       └── [  97]  mkdocs.yml
│   └── [4.0K]  sub-docs
│       ├── [4.0K]  docs
│       │   └── [ 132]  index.md
│       └── [  48]  mkdocs.yml
└── [  19]  README.md

11 directories, 14 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!