Lucene search

K

[email protected]NVD:CVE-2019-16786

HistoryDec 20, 2019 - 11:15 p.m.

CVE-2019-16786

2019-12-2023:15:11

CWE-444

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: “Transfer-Encoding: gzip, chunked” would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.

Affected configurations

NVD

Node

agendalesswaitressRange<1.3.1

Node

oraclecommunications_cloud_native_core_network_function_cloud_native_environmentMatch1.10.0

Node

debiandebian_linuxMatch9.0

Node

fedoraprojectfedoraMatch30

OR

fedoraprojectfedoraMatch31

Node

redhatopenstackMatch15

References

access.redhat.com/errata/RHSA-2020:0720

docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes

github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3

github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p

lists.debian.org/debian-lts-announce/2022/05/msg00011.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/

www.oracle.com/security-alerts/cpuapr2022.html

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

Related for NVD:CVE-2019-16786

prion1 osv4 ubuntucve1 cve1 debiancve1 veracode2 redhatcve1 alpinelinux1 cvelist1 github1 nessus8 openvas7 redhat2 mageia1 fedora2 suse2 debian1 oracle1