4 results (0.023 seconds)

CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0

Bottle before 0.12.20 mishandles errors during early request binding. Bottle versiones anteriores a 0.12.20, maneja inapropiadamente los errores durante la vinculación temprana de peticiones • https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00 https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20 https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. El paquete bottle desde versiones 0 y anteriores a 0.12.19, es vulnerable al Envenenamiento de Caché Web al usar un vector llamado encubrimiento de parámetros. Cuando el atacante puede separar los parámetros de consulta usando un punto y coma (;), pueden causar una diferencia en la interpretación de la petición entre el proxy (que se ejecuta con la configuración predeterminada) y el servidor. • https://github.com/bottlepy/bottle https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call. redirect() en bottle.py en bottle 0.12.10 no filtra una secuencia "\r\n", lo que lleva a un ataque CRLF, según lo demostrado por una llamada redireccionada ("233\r\nSet-Cookie: name=salt"). • http://www.debian.org/security/2016/dsa-3743 http://www.securityfocus.com/bid/94961 https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54 https://github.com/bottlepy/bottle/issues/913 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •

CVSS: 6.8EPSS: 3%CPEs: 26EXPL: 0

Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code. Bottle 0.10.x anterior a 0.10.12, 0.11.x anterior a 0.11.7, y 0.12.x anterior a 0.12.6 no limita debidamente los tipos de contenido, lo que permite a atacantes remotos evadir las restricciones de acceso a través de un tipo de contenido aceptado seguido por un ; (punto y coma) y un tipo de contenido que no sería aceptado, tal y como fue demostrado en YouCompleteMe en ejecutar código arbitrario. • http://www.debian.org/security/2014/dsa-2948 http://www.openwall.com/lists/oss-security/2014/05/01/15 https://bugzilla.redhat.com/show_bug.cgi?id=1093255 https://github.com/defnull/bottle/issues/616 • CWE-20: Improper Input Validation •