Lucene search

CVE-2023-24329

🗓️ 17 Feb 2023 15:12:15Reported by mitreType

An issue in urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that start

Reporter	Title	Published	Views	Family All 199
Tenable Nessus	Fedora 37 : python3.11 (2023-63c69aa712)	26 May 202300:00	–	nessus
Tenable Nessus	RHEL 8 : python38:3.8 and python38-devel:3.8 (RHSA-2023:4038)	13 Jul 202300:00	–	nessus
Tenable Nessus	Slackware Linux 15.0 / current python3 Vulnerability (SSA:2023-159-03)	9 Jun 202300:00	–	nessus
Tenable Nessus	Rocky Linux 8 : python38:3.8 and python38-devel:3.8 (RLSA-2023:3781)	31 Aug 202300:00	–	nessus
Tenable Nessus	Fedora 37 : python3.7 (2023-dd526ed2e4)	16 Jun 202300:00	–	nessus
Tenable Nessus	RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2023:3811)	27 Jun 202300:00	–	nessus
Tenable Nessus	Fedora 38 : python3.7 (2023-f52390b9d2)	14 Jun 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP10 : python3 (EulerOS-SA-2023-1808)	9 May 202300:00	–	nessus
Tenable Nessus	RHEL 9 : python3.9 (RHSA-2023:3595)	14 Jun 202300:00	–	nessus
Tenable Nessus	RHEL 9 : python3.11 (RHSA-2023:3585)	14 Jun 202300:00	–	nessus

Nvd

Node

python pythonRange<3.7.17

python pythonRange3.8.0–3.8.17

python pythonRange3.9.0–3.9.17

python pythonRange3.10.0–3.10.12

python pythonRange3.11.0–3.11.4

Node

fedoraproject fedoraMatch36

fedoraproject fedoraMatch37

fedoraproject fedoraMatch38

Node

netapp active_iq_unified_managerMatch-vmware_vsphere

netapp active_iq_unified_managerMatch-windows

netapp management_services_for_element_softwareMatch-

netapp management_services_for_netapp_hciMatch-

netapp ontap_select_deploy_administration_utilityMatch-

Source	Link
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/
github	www.github.com/python/cpython/pull/99421
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/
kb	www.kb.cert.org/vuls/id/127587
pointernull	www.pointernull.com/security/python-url-parse-problem.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Feb 2023 15:15Current

7.8High risk

Vulners AI Score7.8

CVSS37.5

EPSS0.00197

SSVC

CWE-20