@enferas
Created January 11, 2023 17:14
old CVE-2022-0372

Link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0372

In file app\Http\Controllers\V1\Admin\Settings\CompanyController.php

public function uploadAvatar(Request $request){
    //...
    // avatar is a JSON string from the request; its name and data fields are used as-is
    $data = json_decode($request->avatar);
    $user->addMediaFromBase64($data->data)
        ->usingFileName($data->name)
        ->toMediaCollection('admin_avatar');
}

In file vendor\spatie\laravel-medialibrary\src\InteractsWithMedia.php

public function addMediaFromBase64(string $base64data, ...$allowedMimeTypes): FileAdder
{
    //...
    // the decoded data is written to a temporary file
    $tmpFile = tempnam(sys_get_temp_dir(), 'media-library');
    file_put_contents($tmpFile, $binaryData);
}
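
In the two excerpts above, the file name and the file content both come from the request, and the controller passes nothing for the `...$allowedMimeTypes` parameter shown in the library signature. The following is an added example, not code from Crater or spatie/laravel-medialibrary: a hypothetical helper `validateAvatarPayload()` that checks the payload before it reaches the media library, assuming avatars should be PNG, JPEG or GIF and that the `fileinfo` extension is available.

```php
<?php
// Added example: hypothetical helper, not Crater or spatie/laravel-medialibrary code.
const ALLOWED_AVATAR_TYPES = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif'];

/**
 * Validate the JSON avatar payload ({"name": ..., "data": ...}) and return
 * [safe file name, detected MIME type, raw bytes]; throws on bad input.
 */
function validateAvatarPayload(string $json): array
{
    $data = json_decode($json);
    if (!is_object($data) || !is_string($data->name ?? null) || !is_string($data->data ?? null)) {
        throw new InvalidArgumentException('avatar must be a JSON object with string name and data');
    }
    // Assumption: the client may send a data URI; drop the prefix before decoding.
    $b64 = preg_replace('#^data:[^;,]*;base64,#', '', $data->data);
    $bytes = base64_decode($b64, true); // strict mode rejects non-base64 characters
    if ($bytes === false || $bytes === '') {
        throw new InvalidArgumentException('avatar data is not valid base64');
    }
    // Decide the type from the bytes themselves, never from the client-supplied name.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($bytes);
    if (!isset(ALLOWED_AVATAR_TYPES[$mime])) {
        throw new InvalidArgumentException("avatar type not allowed: $mime");
    }
    // Keep only a conservative stem from the client name and force the extension.
    $stem = preg_replace('/[^A-Za-z0-9_-]/', '', pathinfo(basename($data->name), PATHINFO_FILENAME));
    $stem = $stem === '' ? 'avatar' : substr($stem, 0, 64);
    return [$stem . '.' . ALLOWED_AVATAR_TYPES[$mime], $mime, $bytes];
}

// Constructed sample inputs: a 1x1 PNG and an HTML document posing as an avatar.
$png = 'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkYAAAAAYAAjCB0C8AAAAASUVORK5CYII=';
$samples = [
    json_encode(['name' => 'me.png', 'data' => $png]),
    json_encode(['name' => 'me.html', 'data' => base64_encode('<html><body>not an image</body></html>')]),
];
foreach ($samples as $json) {
    try {
        [$name, $mime] = validateAvatarPayload($json);
        echo "accepted: $name ($mime)\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ' . $e->getMessage() . "\n";
    }
}
```

In the controller, the returned name would replace `$data->name` in `usingFileName()`, and the keys of `ALLOWED_AVATAR_TYPES` could be passed as the `$allowedMimeTypes` arguments of `addMediaFromBase64()`.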