Page 32 of 281 results (0.017 seconds)

CVSS: 9.8EPSS: 0%CPEs: 28EXPL: 0

CVE-2019-10160 – python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc

https://notcve.org/view.php?id=CVE-2019-10160

A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application. Se descubrió una regresión de seguridad de CVE-2019-9636 en python desde commit con ID d537ab0ff9767ef024f26246899728f0116b1ec3 que afecta a las versiones 2.7, 3.5, 3.6, 3.7 y de v3.8.0a4 a v3.8.0b1, el cual permite a un atacante explotar CVE-2019-9636 violando las partes usuario (user) y contraseña (password) de una URL. Cuando una aplicación analiza las URL proporcionadas por el usuario para almacenar cookies, credenciales de autenticación u otro tipo de información, es posible que un atacante proporcione URL especialmente creadas para que la aplicación ubique información relacionada con el host (por ejemplo, cookies, datos de autenticación) y envíe a un host diferente al que debería, a diferencia de si las URL se analizaron correctamente. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html https://access.redhat.com/errata/RHSA-2019:1587 https://access.redhat.com/errata/RHSA-2019:1700 https://access.redhat.com/errata/RHSA-2019:2437 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10160 https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09 https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e • CWE-172: Encoding Error CWE-522: Insufficiently Protected Credentials •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2019-12761

https://notcve.org/view.php?id=CVE-2019-12761

A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call. Se descubrió un problema de inyección de código en PyXDG antes de 0.26 a través del código Python creado en un elemento de Categoría de un documento de Menú XML en un archivo .menú. XDG_CONFIG_DIRS debe configurarse para activar el análisis xdg.Menu.parse dentro del directorio que contiene este archivo. • https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2019-11324 – python-urllib3: Certification mishandle when error should be thrown

https://notcve.org/view.php?id=CVE-2019-11324

The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument. La urllib3 library versión anterior a 1.24.2 para Python maneja de forma incorrecta ciertos casos en los que el ajuste deseado de certificados de CA es diferente del almacén del sistema operativo de certificados de CA, lo que da como resultado que las conexiones SSL tengan éxito en situaciones en las que una falla de comprobación sea el resultado correcto. Esto está relacionado con el uso de los argumentos ssl_context, ca_certs o ca_certs_dir. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html http://www.openwall.com/lists/oss-security/2019/04/19/1 https://access.redhat.com/errata/RHSA-2019:3335 https://access.redhat.com/errata/RHSA-2019:3590 https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4 https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html https://lists.debian.org/debian-lts-announce/2023/1 • CWE-295: Improper Certificate Validation •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2019-11236 – python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service

https://notcve.org/view.php?id=CVE-2019-11236

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. En la librería urllib3, hasta la versión 1.24.1 para Python, se puede realizar una inyección CRLF si el atacante controla el parámetro request. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html https://access.redhat.com/errata/RHSA-2019:2272 https://access.redhat.com/errata/RHSA-2019:3335 https://access.redhat.com/errata/RHSA-2019:3590 https://github.com/urllib3/urllib3/issues/1553 https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html https:// • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •

CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 1

CVE-2019-9948 – python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms

https://notcve.org/view.php?id=CVE-2019-9948

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. urllib en Python, en versiones 2.x hasta la 2.7.16, soporta el esquema local_file:, lo que facilita que los atacantes remotos omitan los mecanismos de protección que ponen en lista negra los URI file:, tal y como queda demostrado con una llamada urllib.urlopen('local_file:///etc/passwd'). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html http://www.securityfocus.com/bid/107549 https://access.redhat.com/errata/RHSA-2019:1700 https://access.redhat.com/errata/RHSA-2019:2030 https://access.redhat.com/errata/RHSA-2019:3335 https://access.redhat.com/errata/RHSA-2019:3520 https://bugs.python.o • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-749: Exposed Dangerous Method or Function •