Page 20 of 281 results (0.008 seconds)

CVSS: 5.9EPSS: 0%CPEs: 19EXPL: 1

CVE-2021-23336 – Web Cache Poisoning

https://notcve.org/view.php?id=CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. El paquete python/cpython desde versiones 0 y anteriores a 3.6.13, desde versiones 3.7.0 y anteriores a 3.7.10, desde versiones 3.8.0 y anteriores a 3.8.8, desde versiones 3.9.0 y anteriores a 3.9.2, son vulnerables al envenenamiento de caché web por medio de urllib.parse.parse_qsl y urllib.parse.parse_qs usando un vector llamado encubrimiento de parámetros. Cuando el atacante puede separar los parámetros de la consulta usando un punto y coma (;), pueden causar una diferencia en la interpretación de la petición entre el proxy (que se ejecuta con la configuración predeterminada) y el servidor. • http://www.openwall.com/lists/oss-security/2021/02/19/4 http://www.openwall.com/lists/oss-security/2021/05/01/2 https://github.com/python/cpython/pull/24297 https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367%40%3Cusers.airflow.apache.org%3E https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https:/&#x • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 9.8EPSS: 3%CPEs: 15EXPL: 1

CVE-2021-3177 – python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

https://notcve.org/view.php?id=CVE-2021-3177

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. Python versiones 3.x hasta 3.9.1, presenta un desbordamiento de búfer en la función PyCArg_repr en el archivo _ctypes/callproc.c, que puede conllevar a una ejecución de código remota en determinadas aplicaciones de Python que aceptan números de punto flotante como entrada no confiable, como es demostrado por un argumento 1e300 para c_double.from_param. Esto ocurre porque sprintf es usado de manera no segura A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. • https://bugs.python.org/issue42938 https://github.com/python/cpython/pull/24239 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2G • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2020-35653 – python-pillow: Buffer over-read in PCX image reader

https://notcve.org/view.php?id=CVE-2020-35653

In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations. En Pillow versiones anteriores a 8.1.0, la función PcxDecode presenta una lectura excesiva del búfer cuando se decodifica un archivo PCX diseñado porque el valor de paso suministrado por el usuario es confiable para los cálculos del búfer A flaw was found in python-pillow. The PcxDecode in Pillow has a buffer over-read when decoding a crafted PCX file due to the user-supplied stride value trusted for buffer calculations. The highest threat from this vulnerability is to system availability. • https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD https://pillow.readthedocs.io/en/stable/releasenotes/index.html https://access.redhat.com/security/cve/CVE-2020-35653 https://bugzilla.redhat.com/show_bug.cgi?id=1915420 • CWE-125: Out-of-bounds Read •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-35654 – python-pillow: decoding crafted YCbCr files could result in heap-based buffer overflow

https://notcve.org/view.php?id=CVE-2020-35654

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. En Pillow versiones anteriores a 8.1.0, la función TiffDecode presenta un desbordamiento del búfer en la región heap de la memoria cuando se decodifican archivos YCbCr diseñados debido a determinados conflictos de interpretación con LibTIFF en modo RGBA A flaw was found in python-pillow. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TQQY6472RX4J2SUJENWDZAWKTJJGP2ML https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTSY25UJU7NJUFHH3HWT575LT4TDFWBZ https://pillow.readthedocs.io/en/stable/releasenotes/index.html • CWE-787: Out-of-bounds Write •

CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-35655 – python-pillow: Buffer over-read in SGI RLE image reader

https://notcve.org/view.php?id=CVE-2020-35655

In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. En Pillow versiones anteriores a 8.1.0, la función SGIRleDecode presenta una lectura excesiva de búfer de 4 bytes cuando se decodifican archivos de imagen SGI RLE diseñados porque unas compensaciones y unas tablas de longitud se manejan inapropiadamente A flaw was found in python-pillow. SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6BYVI5G44MRIPERKYDQEL3S3YQCZTVHE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BF553AMNNNBW7SH4IM4MNE4M6GNZQ7YD https://pillow.readthedocs.io/en/stable/releasenotes/index.html https://access.redhat.com/security/cve/CVE-2020-35655 https://bugzilla.redhat.com/show_bug.cgi?id=1915432 • CWE-125: Out-of-bounds Read •