Lucene search

K
nvd[email protected]NVD:CVE-2011-1521
HistoryMay 24, 2011 - 11:55 p.m.

CVE-2011-1521

2011-05-2423:55:02
CWE-399
web.nvd.nist.gov

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

8.7

Confidence

High

EPSS

0.136

Percentile

95.6%

The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a crafted URL, as demonstrated by the file:///etc/passwd and file:///dev/zero URLs.

Affected configurations

NVD
Node
pythonpythonMatch2.0
OR
pythonpythonMatch2.0.1
OR
pythonpythonMatch2.1
OR
pythonpythonMatch2.1.1
OR
pythonpythonMatch2.1.2
OR
pythonpythonMatch2.1.3
OR
pythonpythonMatch2.2
OR
pythonpythonMatch2.2.1
OR
pythonpythonMatch2.2.2
OR
pythonpythonMatch2.2.3
OR
pythonpythonMatch2.3.1
OR
pythonpythonMatch2.3.2
OR
pythonpythonMatch2.3.3
OR
pythonpythonMatch2.3.4
OR
pythonpythonMatch2.3.5
OR
pythonpythonMatch2.3.7
OR
pythonpythonMatch2.4.1
OR
pythonpythonMatch2.4.2
OR
pythonpythonMatch2.4.3
OR
pythonpythonMatch2.4.4
OR
pythonpythonMatch2.4.6
OR
pythonpythonMatch2.5.1
OR
pythonpythonMatch2.5.2
OR
pythonpythonMatch2.5.3
OR
pythonpythonMatch2.5.4
OR
pythonpythonMatch2.6.1
OR
pythonpythonMatch2.6.4
OR
pythonpythonMatch2.6.5
OR
pythonpythonMatch2.6.6
OR
pythonpythonMatch2.6.7
OR
pythonpythonMatch2.7.1
Node
pythonpythonMatch3.0
OR
pythonpythonMatch3.0.1
OR
pythonpythonMatch3.1
OR
pythonpythonMatch3.1.1
OR
pythonpythonMatch3.1.2
OR
pythonpythonMatch3.1.3
OR
pythonpythonMatch3.2
OR
pythonpythonMatch3.2alpha

References

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

AI Score

8.7

Confidence

High

EPSS

0.136

Percentile

95.6%