873 matches found

OSV
added 2021/02/16 3:21 p.m., 7 views

OPENSUSE-SU-2021:0302-1 Security update for python-bottle

This update for python-bottle fixes the following issues: - CVE-2020-28473: Fixed Web Cache Poisoning vulnerability using parameter cloaking bsc1182181. This update was imported from the SUSE:SLE-15:Update update project...

CVSS 6.8, AI score 6.9, EPSS 0.01837
Exploits: 1, References: 3
Cvelist
added 2021/02/16 3:8 p.m., 25 views

CVE-2020-29022 Host Header Injection allowing web cache poisoning attacks

Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3...

CVSS 5.3, AI score 5.3, EPSS 0.00803
Exploits: 0, References: 1
OSV
added 2021/02/16 9:4 a.m., 7 views

SUSE-SU-2021:0483-1 Security update for python-bottle

This update for python-bottle fixes the following issues: - CVE-2020-28473: Fixed Web Cache Poisoning vulnerability using parameter cloaking bsc1182181...

CVSS 6.8, AI score 6.6, EPSS 0.01837
Exploits: 1, References: 3
OPENSUSE Linux
added 2021/02/16 12:0 a.m., 29 views

Security update for python-bottle (important)

openSUSE Security Update: Security update for python-bottle Announcement ID: openSUSE-SU-2021:0302-1 Rating: important References: 1182181 Cross-References: CVE-2020-28473 CVSS scores: CVE-2020-28473 NVD : 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H CVE-2020-28473 SUSE: 6.8...

CVSS 6.8, AI score 6.7, EPSS 0.01837
Exploits: 1, References: 1
RedhatCVE
added 2021/02/15 8:5 p.m., 52 views

CVE-2021-23336

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...

CVSS 5.9, AI score 2.8, EPSS 0.35963
Exploits: 1, References: 4
OSV
added 2021/02/15 1:15 p.m., 20 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 6
Exploits: 0, References: 37
NVD
added 2021/02/15 1:15 p.m., 29 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, EPSS 0.35963
Exploits: 1, References: 37
OSV
added 2021/02/15 1:15 p.m., 4 views

DEBIAN-CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 7.3, EPSS 0.35963
Exploits: 1, References: 1
OSV
added 2021/02/15 1:15 p.m., 5 views

AZL-6827 CVE-2021-23336 affecting package python2 for versions less than 2.7.18-8

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 6.9, EPSS 0.35963
Exploits: 1, References: 1
OSV
added 2021/02/15 1:15 p.m., 3 views

ALPINE-CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 6.9, EPSS 0.35963
Exploits: 1, References: 1
Prion
added 2021/02/15 1:15 p.m., 31 views

Design/Logic Flaw

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 4, AI score 6.9, EPSS 0.35963
Exploits: 1, References: 37, Affected Software: 8
UbuntuCve
added 2021/02/15 1:15 p.m., 46 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 6.9, EPSS 0.35963
Exploits: 1, References: 7
OSV
added 2021/02/15 1:15 p.m., 2 views

UBUNTU-CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 6.9, EPSS 0.35963
Exploits: 1, References: 8
Cvelist
added 2021/02/15 12:15 p.m., 38 views

CVE-2021-23336 Web Cache Poisoning

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 6.5, EPSS 0.35963
Exploits: 1, References: 37
Vulnrichment
added 2021/02/15 12:15 p.m., 2 views

CVE-2021-23336 Web Cache Poisoning

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 6.5, EPSS 0.35963
Exploits: 1, References: 37
CVE
added 2021/02/15 12:15 p.m., 814 views

CVE-2021-23336

CVE-2021-23336 affects Python CPython across multiple branches (0 and before 3.6.13; 3.7.0 before 3.7.10; 3.8.0 before 3.8.8; 3.9.0 before 3.9.2). The vulnerability is Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs using parameter cloaking with semicolons, causing the pr...

CVSS 5.9, AI score 7.6, EPSS 0.35963
Exploits: 1, References: 37, Affected Software: 1
Debian CVE
added 2021/02/15 12:15 p.m., 48 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 7.3, EPSS 0.35963
Exploits: 1
AlpineLinux
added 2021/02/15 12:15 p.m., 36 views

CVE-2021-23336

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 7.5, EPSS 0.35963
Exploits: 1
OSV
added 2021/02/15 12:0 a.m., 24 views

PSF-2021-1 urllib parse_qsl(): Web cache poisoning - semicolon as a query args separator

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can...

CVSS 5.9, AI score 7.7, EPSS 0.35963
Exploits: 1, References: 3
Positive Technologies
added 2021/02/13 12:0 a.m., 13 views

PT-2021-3621

Name of the Vulnerable Software and Affected Versions python/cpython versions 0 through 3.6.13 python/cpython versions 3.7.0 through 3.7.10 python/cpython versions 3.8.0 through 3.8.8 python/cpython versions 3.9.0 through 3.9.2 Description The issue is related to Web Cache Poisoning via...

CVSS 5.9, AI score 6.8, EPSS 0.35963
Exploits: 1, References: 351