CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-25287 – python-pillow: Out-of-bounds read in J2K image reader
https://notcve.org/view.php?id=CVE-2021-25287
An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2ku_graya_la. Se ha detectado un problema en Pillow versiones anteriores a 8.2.0,. Se presenta una lectura fuera de límites en J2kDecode, en la función j2ku_graya_la There is an out-of-bounds read in J2kDecode in j2ku_graya_la. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A. • https://github.com/python-pillow/Pillow/pull/5377#issuecomment-833821470 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode https://security.gentoo.org/glsa/202107-33 https://access.redhat.com/security/cve/CVE-2021-25287 https://bugzilla.redhat.com/show_bug.cgi?id=1958226 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28677 – python-pillow: Excessive CPU use in EPS image reader
https://notcve.org/view.php?id=CVE-2021-28677
An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening. Se ha detectado un problema en Pillow versiones anteriores a 8.2.0,. • https://github.com/python-pillow/Pillow/pull/5377 https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL https://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28677-fix-eps-dos-on-open https://security.gentoo.org/glsa/202107-33 https://access.redhat.com/security/cve/CVE-2021-28677 https://bugzilla.redhat.com/show_bug.cgi?id=1958257 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-32052
https://notcve.org/view.php?id=CVE-2021-32052
In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because HttpResponse prohibits newlines in HTTP headers. En Django 2.2 versiones anteriores a 2.2.22, 3.1 versiones anteriores a 3.1.10 y 3.2 versiones anteriores a 3.2.2 (con Python 3.9.5+), URLValidator no prohíbe nuevas líneas y pestañas (a menos que sea usado el campo URLField form). Si una aplicación usa valores con nuevas líneas en una respuesta HTTP, puede ocurrir una inyección de encabezado. • http://www.openwall.com/lists/oss-security/2021/05/06/1 https://docs.djangoproject.com/en/3.2/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE https://security.netapp.com/advisory/ntap-20210611-0002 https://www.djangoproject.com/weblog/2021/may/06/security-releases • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 2CVE-2021-29921 – python-ipaddress: Improper input validation of octal strings
https://notcve.org/view.php?id=CVE-2021-29921
In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses. En Python antes de la versiones 3,9,5, la biblioteca ipaddress maneja mal los caracteres cero iniciales en los octetos de una cadena de direcciones IP. Esto (en algunas situaciones) permite a los atacantes eludir el control de acceso que se basa en las direcciones IP A flaw was found in python-ipaddress. Improper input validation of octal strings in stdlib ipaddress allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. • https://bugs.python.org/issue36384 https://docs.python.org/3/library/ipaddress.html https://github.com/python/cpython/blob/63298930fb531ba2bb4f23bc3b915dbf1e17e9e1/Misc/NEWS.d/3.8.0a4.rst https://github.com/python/cpython/pull/12577 https://github.com/python/cpython/pull/25099 https://github.com/sickcodes https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-014.md https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html https://security.gentoo.org/gl • CWE-20: Improper Input Validation •
CVSS: 5.7EPSS: 0%CPEs: 22EXPL: 0CVE-2021-3426 – python: Information disclosure via pydoc
https://notcve.org/view.php?id=CVE-2021-3426
There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. Se presenta un fallo en pydoc de Python versión 3. • https://bugzilla.redhat.com/show_bug.cgi?id=1935913 https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message&#x • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •