Lucene search

K
freebsdFreeBSDCA595A25-91D8-11EA-B470-080027846A02
HistoryOct 24, 2019 - 12:00 a.m.

Python -- CRLF injection via the host part of the url passed to urlopen()

2019-10-2400:00:00
vuxml.freebsd.org
21

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.003

Percentile

68.8%

Python reports:

An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x
through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as
demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in
the host component of a URL) followed by an HTTP header.

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.003

Percentile

68.8%