colander
This is a Python library for deserialization and validation of data structures composed of strings, mappings, and lists. It is a package that can be used to serialize an arbitrary data structure to a data structure composed of strings, mappings, and lists, and to deserialize and validate a data...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Nov 2024
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF004 Vulnerability Details CVEID:CVE-2024-38821 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security...
Waitress security vulnerability
Waitress is a production-quality, pure Python WSGI server from the Pylons project. A security vulnerability existed prior to Waitress version 3.0.1, which stemmed from a race condition...
WebOb's location header normalization during redirect leads to open redirect
Impact When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. urlparse however treats a // at the start of a string as a URI without a scheme, and th...
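The join described above can be reproduced with Python's own URL helpers. The following is an added example, not WebOb's code or its fix: `naive_normalize` mirrors the behaviour the advisory describes (join the redirect target to the request URL), and `redirect_is_safe` / `safe_normalize` are an illustrative hardened check that only accepts a plain absolute path on the request host. `BASE_URL` and the `evil.example` target are constructed sample values.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample request URL; the function names are illustrative, not WebOb's API.
BASE_URL = "https://app.example.com/login"


def naive_normalize(base_url: str, location: str) -> str:
    """Reproduce the behaviour the advisory describes: make Location absolute by
    joining it to the request URL.  urljoin()/urlparse() read a leading '//' as a
    scheme-relative URL, so the host in `location` replaces the request host."""
    return urljoin(base_url, location)


def redirect_is_safe(base_url: str, location: str) -> bool:
    """Hardened check (illustrative, not WebOb's fix): accept only a plain
    absolute path, so the joined result can never leave the request host."""
    parts = urlsplit(location)
    if parts.scheme or parts.netloc:
        # absolute ("https://...") or scheme-relative ("//host/...") target
        return False
    if not location.startswith("/") or location.startswith("//"):
        return False
    # browsers fold '\' into '/', so "/\evil.example" would become "//evil.example";
    # control characters have no business in a Location value either
    if "\\" in location or any(ord(c) < 0x20 for c in location):
        return False
    # belt and braces: the joined URL must still point at our own host
    return urlsplit(urljoin(base_url, location)).netloc == urlsplit(base_url).netloc


def safe_normalize(base_url: str, location: str) -> str:
    """Normalise like naive_normalize, but refuse anything redirect_is_safe rejects."""
    if not redirect_is_safe(base_url, location):
        raise ValueError(f"refusing off-site redirect target {location!r}")
    return urljoin(base_url, location)


if __name__ == "__main__":
    for target in ("/dashboard", "//evil.example/phish", "/\\evil.example"):
        print(f"{target!r:28} naive -> {naive_normalize(BASE_URL, target)!r:40}"
              f" safe? {redirect_is_safe(BASE_URL, target)}")
```

The key line is the `parts.netloc` test: once `urlsplit` has put a host into `netloc`, the target was never a relative path, whatever it looked like to the caller.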
JVN#41113329: Pyramid vulnerable to directory traversal
Pyramid provided by Pylons Project, which is a web framework for Python, contains a directory traversal vulnerability CWE-22. Impact index.html located one directory above the location of the static view's file system path can be accessed via a crafted request. Solution Update the software Update...
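The advisory does not say what the crafted request looks like, so the following is an added, generic CWE-22 illustration rather than a reproduction of the Pyramid issue or of Pyramid's own static view code. It builds a constructed directory layout matching the description (an `index.html` one level above the static root), shows how a resolver that only joins and normalises the path reaches that file, and pairs it with a confinement check that resolves the candidate and verifies it is still under the static root. All function names and the sample tree are assumptions.

```python
import os
import tempfile
from pathlib import Path
from typing import Optional


def build_sample_tree() -> Path:
    """Constructed layout: a static directory with one asset, and an index.html
    one level above it (the file the advisory says became reachable)."""
    root = Path(tempfile.mkdtemp())
    (root / "static").mkdir()
    (root / "static" / "app.js").write_text("console.log('ok');\n")
    (root / "index.html").write_text("<h1>outside the static root</h1>\n")
    return root


def naive_resolve(static_dir: Path, request_path: str) -> Path:
    """Join and normalise with no containment check: a '..' segment walks out
    of the static root.  This is the anti-pattern, not Pyramid's implementation."""
    return Path(os.path.normpath(os.path.join(str(static_dir), *request_path.split("/"))))


def confined_resolve(static_dir: Path, request_path: str) -> Optional[Path]:
    """Return the file under static_dir the request maps to, or None if the
    request would escape it.  Illustrative hardened variant."""
    base = static_dir.resolve()
    # split on '/', drop empty and '.' segments; reject '..' outright even when it
    # would net out inside the root, plus backslashes and NULs
    segments = [s for s in request_path.split("/") if s not in ("", ".")]
    if any(s == ".." or "\\" in s or "\x00" in s for s in segments):
        return None
    candidate = base.joinpath(*segments).resolve()   # resolve() also follows symlinks
    try:
        candidate.relative_to(base)                  # raises if candidate is outside base
    except ValueError:
        return None
    return candidate


if __name__ == "__main__":
    root = build_sample_tree()
    static = root / "static"
    for req in ("app.js", "../index.html", "sub/../app.js"):
        print(f"{req!r:18} naive -> {naive_resolve(static, req)}")
        print(f"{'':18} confined -> {confined_resolve(static, req)}")
```

Checking containment after `resolve()` matters more than filtering `..`: a symlink inside the static directory pointing outside it would pass a segment filter but fails the `relative_to` test.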
Catastrophic backtracking in regex allows Denial of Service in Waitress
Impact When waitress receives a header that contains invalid characters it will cause the regular expression engine to catastrophically backtrack causing the process to use 100% CPU time and blocking any other interactions. This would allow an attacker to send a single request with an invalid...
HTTP Request Smuggling: Invalid whitespace characters in headers in Waitress
Impact If a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Content-Length: 10 Transfer-Encoding: \x0bchunked For clarity: 0x0b == vertical...
GHSA-4PPP-GPCR-7QF6 HTTP Request Smuggling: Content-Length Sent Twice in Waitress
Impact Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. So a request with: Content-Length: 10 Content-Length: 10 would get transformed to: Content-Length: 10, 10 Whic...
GHSA-G2XC-35JW-C63P HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress
Impact Waitress would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most...
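The three Waitress smuggling advisories above (vertical tab in Transfer-Encoding, Content-Length sent twice, Transfer-Encoding treated as a single string) are all framing disagreements between a front-end proxy and the back-end. The following is an added example, not Waitress code: `lenient_body_length` is a reconstructed model of the pre-fix behaviour each advisory describes (fold repeated headers with ", ", compare Transfer-Encoding as one string, fall back to Content-Length, use 0 when the folded value is not an integer; the \x0b case is modelled by Python's `str.strip()` treating vertical tab as whitespace, which is an assumption), and `strict_body_length` applies the RFC 7230 rules a hardened parser should enforce. The header samples are constructed from the advisories' own text.

```python
import re
from typing import Dict, List, Tuple, Union

Header = Tuple[str, str]
CHUNKED = -1   # sentinel: body is framed by the chunked transfer coding

# RFC 7230 field-name token characters, and the only whitespace allowed around a field value
TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
DIGITS = re.compile(r"[0-9]+")
OWS = " \t"


class FramingError(ValueError):
    """Raised when the request framing is ambiguous and the request must be rejected (400)."""


def lenient_body_length(headers: List[Header]) -> int:
    """Model of the pre-fix behaviour described in the advisories (reconstructed, not Waitress code)."""
    folded: Dict[str, str] = {}
    for name, value in headers:
        key = name.lower()
        value = value.strip()                      # str.strip() also removes \x0b and \x0c
        folded[key] = value if key not in folded else folded[key] + ", " + value
    if folded.get("transfer-encoding", "").lower() == "chunked":   # whole value must equal "chunked"
        return CHUNKED
    try:
        return int(folded.get("content-length", "0"))
    except ValueError:                             # "10, 10" is not an int -> length 0
        return 0


def strict_body_length(headers: List[Header]) -> int:
    """Body length per RFC 7230 section 3.3.3, rejecting every ambiguous form."""
    content_lengths: List[str] = []
    codings: List[str] = []
    for name, value in headers:
        if not TOKEN.fullmatch(name):
            raise FramingError(f"invalid field name {name!r}")
        # only HTAB may appear as whitespace; any other control char (incl. \x0b) is invalid
        if any((ord(c) < 0x20 and c != "\t") or ord(c) == 0x7F for c in value):
            raise FramingError(f"control character in {name} value")
        value = value.strip(OWS)
        key = name.lower()
        if key == "content-length":
            if not DIGITS.fullmatch(value):
                raise FramingError(f"non-numeric Content-Length {value!r}")
            content_lengths.append(value)
        elif key == "transfer-encoding":
            for coding in value.split(","):      # TE is a comma-separated list of codings
                coding = coding.strip(OWS).lower()
                if not coding:
                    raise FramingError("empty transfer coding in list")
                codings.append(coding)
    if codings and content_lengths:
        raise FramingError("both Transfer-Encoding and Content-Length present")
    if codings:
        if codings[-1] != "chunked" or codings.count("chunked") != 1:
            raise FramingError("chunked must be the final transfer coding, applied once")
        return CHUNKED
    if len(content_lengths) > 1:                   # RFC allows identical repeats; we do not
        raise FramingError("Content-Length sent more than once")
    return int(content_lengths[0]) if content_lengths else 0


def framing_verdict(headers: List[Header]) -> Union[int, str]:
    try:
        return strict_body_length(headers)
    except FramingError as exc:
        return f"rejected: {exc}"


# Constructed samples, taken from the advisories' descriptions
SAMPLES: Dict[str, List[Header]] = {
    "double content-length":      [("Content-Length", "10"), ("Content-Length", "10")],
    "vertical tab before chunked": [("Content-Length", "10"), ("Transfer-Encoding", "\x0bchunked")],
    "te list with content-length": [("Content-Length", "10"), ("Transfer-Encoding", "gzip, chunked")],
    "te list alone":              [("Transfer-Encoding", "gzip, chunked")],
    "well-formed":                [("Content-Length", "10")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(f"{label:28} lenient={lenient_body_length(hdrs)!r:4} strict={framing_verdict(hdrs)!r}")
```

Each sample where the two columns differ is a desync: a proxy that frames the request one way forwards bytes that the lenient back-end attaches to the next request. The strict parser never returns a length for those inputs, so the only safe outcome is a 400 and a closed connection.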