CVE-2023-50264: 
NixOS vulnerability analysis and mitigation

CVE-2023-50264 is a vulnerability discovered in Bazarr, a software that manages and downloads subtitles. Prior to version 1.3.1, the application contained an arbitrary file read vulnerability in the /system/backup/download/ endpoint within bazarr/app/ui.py. The vulnerability was disclosed on December 15, 2023, and was assigned a CVSS v3.1 base score of 7.5 (HIGH) (NVD, GitHub Security Lab).

The vulnerability exists because the /system/backup/download/ endpoint in bazarr/app/ui.py did not validate the user-controlled filename variable and used it directly in the send_file function. This implementation flaw allowed for path traversal attacks. The vulnerability has been assigned CWE-22 (Improper Limitation of a Pathname to a Restricted Directory). The CVSS v3.1 vector string is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating network accessibility, low attack complexity, no privileges required, and high impact on confidentiality (NVD, GitHub Security Lab).

The vulnerability allows an unauthenticated attacker to read arbitrary files on the system where Bazarr is installed. This could lead to exposure of sensitive information stored anywhere on the system that the Bazarr process has access to (GitHub Security Lab).

The vulnerability has been fixed in Bazarr version 1.3.1. The fix includes proper path validation to prevent directory traversal attacks. Users should upgrade to version 1.3.1 or later to protect against this vulnerability (Bazarr Patch, Bazarr Release).