CVE-2022-36070 – Poetry's Untrusted Search Path can lead to Local Code Execution on Windows
https://notcve.org/view.php?id=CVE-2022-36070
Poetry is a dependency manager for Python. To handle dependencies that come from a Git repository, Poetry executes various commands, e.g. `git config`. These commands are being executed using the executable’s name and not its absolute path. This can lead to the execution of untrusted code due to the way Windows resolves executable names to paths. • https://github.com/python-poetry/poetry/releases/tag/1.1.9 https://github.com/python-poetry/poetry/releases/tag/1.2.0b1 https://github.com/python-poetry/poetry/security/advisories/GHSA-j4j9-7hg9-97g6 • CWE-426: Untrusted Search Path •
CVE-2022-2996 – python-scciclient: missing server certificate verification
https://notcve.org/view.php?id=CVE-2022-2996
A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks. Se encontró un fallo en python-scciclient cuando es realizada una conexión HTTPS a un servidor en el que no es verificado el certificado del servidor. Este problema abre la conexión a posibles ataques de tipo Man-in-the-middle (MITM) • https://lists.debian.org/debian-lts-announce/2022/11/msg00006.html https://opendev.org/x/python-scciclient/commit/274dca0344b65b4ac113d3271d21c17e970a636c https://access.redhat.com/security/cve/CVE-2022-2996 https://bugzilla.redhat.com/show_bug.cgi?id=2115122 • CWE-295: Improper Certificate Validation •
CVE-2021-28861 – python: open redirection vulnerability in lib/http/server.py may lead to information disclosure
https://notcve.org/view.php?id=CVE-2021-28861
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." ** EN DISPUTA ** Python versiones 3.x hasta la versión 3.10, presenta una vulnerabilidad de redireccionamiento abierto en el archivo lib/http/server.py debido a una falta de protección contra múltiples (/) al principio de la ruta URI que puede conllevar a una divulgación de información. NOTA: esto es discutido por un tercero porque la página de documentación http.server.html dice "Advertencia: http.server no se recomienda para producción. Sólo implementa controles de seguridad básicos". • https://bugs.python.org/issue43223 https://github.com/python/cpython/pull/24848 https://github.com/python/cpython/pull/93879 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG https://lists.fedoraproject.org/archives • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2022-31575
https://notcve.org/view.php?id=CVE-2022-31575
The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. El repositorio duducosmos/livro_python versiones hasta 06-06-2018 en GitHub, permite un salto de ruta absoluto porque la función send_file de Flask es usada de forma no segura • https://github.com/github/securitylab/issues/669#issuecomment-1117265726 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2022-31571
https://notcve.org/view.php?id=CVE-2022-31571
The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. El repositorio akashtalole/python-flask-restful-api versiones hasta 16-09-2019 en GitHub, permite un salto de ruta absoluto porque la función send_file de Flask es usada de forma no segura • https://github.com/github/securitylab/issues/669#issuecomment-1117265726 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •