Lucene search
K

9 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in python-bottle

Packages from versions 0 and before 0.12.19 are vulnerable to Web Cache Poisoning, due to a mechanism called “parameter cloaking”. When attackers can separate query parameters using a semicolon ;, they can create a discrepancy in the interpretation of requests between the proxy running with defau...

6.8CVSS6.7AI score0.01837EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Python-Django, Python 2.7

Packages containing “python/cpython” from versions 0 and earlier, including 3.6.13, 3.7.0 and earlier than 3.7.10, 3.8.0 and earlier than 3.8.8, 3.9.0 and earlier than 3.9.2, are vulnerable to Web Cache Poisoning via “urllib.parse.parseqsl” and “urllib.parse.parseqs”. This vulnerability occurs du...

5.9CVSS6.8AI score0.35963EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-bottle (UTSA-2026-017473)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017473 advisory. The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query...

6.8CVSS6.7AI score0.01837EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/11/09 5:54 p.m.11 views

python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...

5.9CVSS6.8AI score0.35963EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/08/24 1:6 p.m.3 views

python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...

5.9CVSS6.8AI score0.35963EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/08/24 12:50 p.m.4 views

python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...

5.9CVSS6.8AI score0.35963EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/05/18 3:39 p.m.4 views

python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...

5.9CVSS6.8AI score0.35963EPSS
Exploits1References5
OSV
OSV
added 2021/01/18 12:15 p.m.3 views

UBUNTU-CVE-2020-28473

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...

6.8CVSS5.8AI score0.01837EPSS
Exploits1References6
OSV
OSV
added 2021/01/18 12:15 p.m.5 views

PYSEC-2021-129

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...

6.8CVSS6.7AI score0.01837EPSS
Exploits1References5
Rows per page
Query Builder