CVE-2023-32681 – Unintended leak of Proxy-Authorization header in requests
https://notcve.org/view.php?id=CVE-2023-32681
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. • https://github.com/hardikmodha/POC-CVE-2023-32681 https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5 https://github.com/psf/requests/releases/tag/v2.31.0 https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AW7HNFGYP44RT3DUDQXG2QT3OEV2PJ7Y https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorap • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVE-2023-27043 – python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
https://notcve.org/view.php?id=CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. • http://python.org https://github.com/python/cpython/issues/102988 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4ZAEFSFZDNBNJPNOUTLG5COISGQDLMGV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/75DTHSTNOFFNAWHXKMDXS7EJWC6W2FUC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARI7VDSNTQVXRQFM6IK5GSSLEIYV4VZH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAKLUJMHFGVBRDPEY5 • CWE-20: Improper Input Validation •
CVE-2018-25082 – zwczou WeChat SDK Python to_xml xml external entity reference
https://notcve.org/view.php?id=CVE-2018-25082
A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml external entity reference. The attack may be initiated remotely. Upgrading to version 0.5.5 is able to address this issue. • https://github.com/zwczou/weixin-python/commit/e54abadc777715b6dcb545c13214d1dea63df6c9 https://github.com/zwczou/weixin-python/pull/30 https://github.com/zwczou/weixin-python/releases/tag/v0.5.5 https://vuldb.com/?ctiid.223403 https://vuldb.com/?id.223403 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2023-24107
https://notcve.org/view.php?id=CVE-2023-24107
hour_of_code_python_2015 commit 520929797b9ca43bb818b2e8f963fb2025459fa3 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code. • https://github.com/jminh/hour_of_code_python_2015 https://github.com/jminh/hour_of_code_python_2015/issues/4 https://mirrors.neusoft.edu.cn/pypi/web/simple/request •
CVE-2023-24329 – python: urllib.parse url blocklisting bypass
https://notcve.org/view.php?id=CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity. • https://github.com/JawadPy/CVE-2023-24329-Exploit https://github.com/Pandante-Central/CVE-2023-24329-codeql-test https://github.com/H4R335HR/CVE-2023-24329-PoC https://github.com/python/cpython/issues/102153 https://github.com/python/cpython/pull/99421 https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72 https://lists.fedoraproject.org/archives/list/package-announ • CWE-20: Improper Input Validation •