Lucene search
+L

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-28473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate...

6.8CVSS6.4AI score0.01837EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/18 5:34 a.m.31 views

Security Bulletin: Vulnerability in bottle-0.12.16 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0) [CVE-2020-28473]

Summary The bottle-0.12.16 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2020-28473. Vulnerability Details CVEID:CVE-2020-28473 DESCRIPTION: Bottle is vulnerable to HTTP response splitting attacks. A remote attacker...

6.8CVSS6.4AI score0.01837EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/12 8:15 a.m.19 views

Security Bulletin: Vulnerability in bottle-0.12.16 affects IBM Integrated Analytics System [CVE-2020-28473]

Summary The bottle-0.12.16 package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable vulnerabilityCVE-2020-28473. Vulnerability Details CVEID:CVE-2020-28473 DESCRIPTION: Bottle is vulnerable to HTTP response splitting attacks. A remote attack...

6.8CVSS6.4AI score0.01837EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/10/07 12:0 a.m.24 views

Ubuntu 18.04 LTS / 20.04 LTS : Bottle vulnerability (USN-5105-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5105-1 advisory. It was discovered that Bottle incorrectly handled certain inputs. An attacker could possibly use this issue to cache malicious requests. Tenable has...

6.8CVSS6.6AI score0.01837EPSS
Exploits1References2
Mageia
Mageia
added 2021/04/02 8:25 p.m.25 views

Updated python-bottle packages fix security vulnerability

Updated python-bottle packages fix security vulnerability: python-bottle before 0.12.19 is vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the...

6.8CVSS2.1AI score0.01837EPSS
Exploits1References2
OSV
OSV
added 2021/03/05 11:2 a.m.4 views

OESA-2021-1067 python-bottle security update

Bottle is a fast, simple and lightweight WSGI micro web-framework for Python. It is distributed as a single file module and has no dependencies other than the Python Standard Library. Security Fixes: The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a...

6.8CVSS6.9AI score0.01837EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/02/22 12:0 a.m.36 views

openSUSE Security Update : python-bottle (openSUSE-2021-302)

This update for python-bottle fixes the following issues : - CVE-2020-28473: Fixed Web Cache Poisoning vulnerability using parameter cloaking bsc1182181. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks i...

6.8CVSS6.4AI score0.01837EPSS
Exploits1References2
OSV
OSV
added 2021/02/16 3:21 p.m.7 views

OPENSUSE-SU-2021:0302-1 Security update for python-bottle

This update for python-bottle fixes the following issues: - CVE-2020-28473: Fixed Web Cache Poisoning vulnerability using parameter cloaking bsc1182181. This update was imported from the SUSE:SLE-15:Update update project...

6.8CVSS6.9AI score0.01837EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/02/16 12:0 a.m.30 views

Security update for python-bottle (important)

openSUSE Security Update: Security update for python-bottle Announcement ID: openSUSE-SU-2021:0302-1 Rating: important References: 1182181 Cross-References: CVE-2020-28473 CVSS scores: CVE-2020-28473 NVD : 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H CVE-2020-28473 SUSE: 6.8...

6.8CVSS6.6AI score0.01837EPSS
Exploits1References1
Debian
Debian
added 2021/01/24 7:19 p.m.97 views

[SECURITY] [DLA 2531-1] python-bottle security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2531-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 24, 2021 https://wiki.debian.org/LTS -...

6.8CVSS6.4AI score0.01837EPSS
Exploits1
Cvelist
Cvelist
added 2021/01/18 11:15 a.m.42 views

CVE-2020-28473 Web Cache Poisoning

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...

6.8CVSS6.3AI score0.01837EPSS
Exploits1References4
CVE
CVE
added 2021/01/18 11:15 a.m.194 views

CVE-2020-28473

CVE-2020-28473 affects the bottle Python package (versions before 0.12.19). The underlying issue is parameter cloaking: if an attacker uses semicolon to separate query parameters, the proxy and server may interpret the request differently, causing malicious requests to be cached as safe. This ena...

6.8CVSS6.3AI score0.01837EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsv
added 2020/10/13 9:3 a.m.3 views

ait-core (>=2.0.0 <=2.3.5), ait-dsn (=2.0.0) +47 more potentially affected by CVE-2020-28473 via bottle (>=0.12.10 <=0.12.18)

bottle PYPI version =0.12.10, =2.0.0, =0.1.0, =0.11.0, =0.14.0, =0.1.0, =0.4.0, =0.11.0, =0.13.0 and more Source cves: CVE-2020-28473 Source advisory: SNYK:PYTHON-BOTTLE-1017108...

6.8CVSS6.7AI score0.01837EPSS
Exploits1
Rows per page
Query Builder