Medium: python-bottle

🗓️ 13 Sep 2022 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 28 Views

Bottle before 0.12.20 mishandles errors during early request binding. Update to python-bottle-0.12.21

Reporter	Title	Published	Views	Family All 60
IBM Security Bulletins	Security Bulletin: Vulnerability in paramiko-2.4.2-py2.py3-none-any.whl affects IBM Integrated Analytics System [CVE-2022-24302]	8 Jun 202313:40	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in bottle-0.12.16 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0) [CVE-2022-31799]	31 Jul 202310:33	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in bottle-0.12.16 affects IBM Integrated Analytics System [CVE-2022-31799]	12 Jun 202308:30	–	ibm
ATTACKERKB	CVE-2022-31799	2 Jun 202214:15	–	attackerkb
Tenable Nessus	Amazon Linux 2022 : python3-bottle (ALAS2022-2022-205)	4 Nov 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : python3-bottle (ALAS2023-2023-082)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : python-bottle (ALAS-2022-1844)	15 Sep 202200:00	–	nessus
Tenable Nessus	Debian DLA-3048-1 : python-bottle - LTS security update	8 Jun 202200:00	–	nessus
Tenable Nessus	Debian DSA-5159-1 : python-bottle - security update	10 Jun 202200:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : python-bottle (SUSE-SU-2022:3103-1)	9 Sep 202200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	any	python3-bottle	0.12.21-2.amzn2	python3-bottle-0.12.21-2.amzn2.noarch.rpm

04 Oct 2022 00:00Current

8.4High risk

Vulners AI Score8.4

CVSS 27.5

CVSS 3.19.8

EPSS0.00323

python-bottle update security advisory cve-2022-31799 amazon linux