Open
Labels: ASVS (Anything related to ASVS requirements), L1 (ASVS L1 requirement), priority (Not critical, but should be addressed soon), security (Issues related to security posture)
Description
ASVS Requirement: V12.2.1
CWE: CWE-319 (Cleartext Transmission of Sensitive Information)
Severity: HIGH
File: atr/mail.py (lines ~113–122)
Description
The mail relay connection builds a properly configured TLS context (TLS 1.2 minimum) but then connects to port 587 without ever initiating STARTTLS. Port 587 uses "explicit TLS": the connection starts in plaintext and must be upgraded with the STARTTLS command before any envelope or message data is sent. Because the code neither passes start_tls=True nor calls await smtp.starttls(), the TLS context is never applied, and email contents (including vote notifications and release information) may be transmitted in cleartext between the application and the relay.
Current code
```python
import ssl

import aiosmtplib

# _validate_recipient, _MAIL_RELAY, _SMTP_PORT and _SMTP_TIMEOUT are defined elsewhere in atr/mail.py.


async def _send_via_relay(from_addr: str, to_addr: str, msg_bytes: bytes) -> None:
    _validate_recipient(to_addr)
    context = ssl.create_default_context()
    context.minimum_version = ssl.TLSVersion.TLSv1_2
    # The context is created but never used: no start_tls=True and no starttls() call follows.
    smtp = aiosmtplib.SMTP(hostname=_MAIL_RELAY, port=_SMTP_PORT, timeout=_SMTP_TIMEOUT, tls_context=context)
    await smtp.connect()
    await smtp.ehlo()
    await smtp.sendmail(from_addr, [to_addr], msg_bytes)  # envelope and body go over the plaintext connection
    await smtp.quit()
```

Recommended fix
Add start_tls=True to the SMTP constructor:
```python
smtp = aiosmtplib.SMTP(
    hostname=_MAIL_RELAY,
    port=_SMTP_PORT,
    timeout=_SMTP_TIMEOUT,
    tls_context=context,
    start_tls=True,
)
```
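To make the ordering problem concrete, here is an added, self-contained model of the explicit-TLS exchange on port 587. It is not code from atr/mail.py or from aiosmtplib; it uses no network and a constructed in-memory relay (FakeRelay, send_via_relay, cleartext_commands and the hostnames are all invented for illustration). It records which SMTP commands the relay received before TLS was active, so the session without STARTTLS shows MAIL, RCPT and DATA arriving in cleartext, the session with STARTTLS shows them arriving encrypted after the second EHLO, and a client that requires TLS fails closed when the relay cannot upgrade rather than silently sending plaintext.

```python
"""Constructed model of SMTP explicit TLS (STARTTLS, RFC 3207) on port 587.

Added example only: no aiosmtplib, no sockets. FakeRelay logs every command
together with whether the (modelled) transport was encrypted at that moment.
"""
from dataclasses import dataclass, field


@dataclass
class FakeRelay:
    """Minimal relay model; log holds (verb, encrypted) tuples in arrival order."""
    supports_starttls: bool = True
    tls_active: bool = False
    log: list = field(default_factory=list)

    def command(self, line: str) -> str:
        verb = line.split(" ", 1)[0].upper()
        self.log.append((verb, self.tls_active))
        if verb == "EHLO":
            caps = ["250-relay.example.invalid"]
            if self.supports_starttls and not self.tls_active:
                caps.append("250-STARTTLS")  # only advertised before the upgrade
            caps.append("250 SIZE 10240000")
            return "\n".join(caps)
        if verb == "STARTTLS":
            if not self.supports_starttls:
                return "502 5.5.1 Command not implemented"
            self.tls_active = True  # the TLS handshake would run here
            return "220 2.0.0 Ready to start TLS"
        if verb in ("MAIL", "RCPT", "DATA", "QUIT"):
            return "250 2.0.0 OK"
        return "500 5.5.1 Unknown command"


class RelayConfigError(RuntimeError):
    """Raised when the client cannot establish the TLS session it requires."""


def send_via_relay(relay: FakeRelay, body: str, start_tls: bool, require_tls: bool = True) -> list:
    """Model of one client session; returns the relay's command log.

    start_tls=False reproduces the reported defect: EHLO, then envelope and
    body on the plaintext connection. start_tls=True issues STARTTLS before
    any MAIL/RCPT/DATA. require_tls=True refuses to proceed without TLS.
    """
    caps = relay.command("EHLO atr.example.invalid")
    if start_tls:
        if "STARTTLS" not in caps:
            if require_tls:
                raise RelayConfigError("relay does not offer STARTTLS")
        else:
            reply = relay.command("STARTTLS")
            if not reply.startswith("220"):
                raise RelayConfigError("STARTTLS refused: " + reply)
            relay.command("EHLO atr.example.invalid")  # RFC 3207: EHLO again after TLS
    elif require_tls:
        raise RelayConfigError("start_tls disabled but TLS is required")
    relay.command("MAIL FROM:<notifications@example.invalid>")
    relay.command("RCPT TO:<dev@example.invalid>")
    relay.command("DATA " + body)
    relay.command("QUIT")
    return list(relay.log)


def cleartext_commands(log: list) -> list:
    """Envelope/data commands the relay saw before the transport was encrypted."""
    return [verb for verb, encrypted in log if not encrypted and verb in ("MAIL", "RCPT", "DATA")]


def fails_closed_without_starttls() -> bool:
    """True if a TLS-requiring client refuses a relay that cannot upgrade."""
    try:
        send_via_relay(FakeRelay(supports_starttls=False), "vote result", start_tls=True)
    except RelayConfigError:
        return True
    return False


if __name__ == "__main__":
    vulnerable = send_via_relay(FakeRelay(), "vote result", start_tls=False, require_tls=False)
    fixed = send_via_relay(FakeRelay(), "vote result", start_tls=True)
    print("without STARTTLS, sent in cleartext:", cleartext_commands(vulnerable))
    print("with STARTTLS, sent in cleartext:   ", cleartext_commands(fixed))
    print("fails closed when relay lacks STARTTLS:", fails_closed_without_starttls())
```

The require_tls flag is the defensive point worth carrying into real code: an opportunistic client that downgrades to plaintext when the relay does not advertise STARTTLS leaves the same exposure this issue describes, so a relay that cannot upgrade should be treated as a configuration error rather than a fallback.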