exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2019-16056

Status Candidate

Overview

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.

Related Files

Red Hat Security Advisory 2020-3194-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3194-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-14404, CVE-2018-18074, CVE-2018-19519, CVE-2018-20060, CVE-2018-20337, CVE-2018-20852, CVE-2018-7263, CVE-2018-9251, CVE-2019-1010180, CVE-2019-1010204, CVE-2019-11236, CVE-2019-11324, CVE-2019-12447, CVE-2019-12448, CVE-2019-12449, CVE-2019-13232, CVE-2019-13752, CVE-2019-13753, CVE-2019-14563, CVE-2019-14822, CVE-2019-1547, CVE-2019-1549, CVE-2019-1563, CVE-2019-15847, CVE-2019-16056, CVE-2019-17451
SHA-256 | ab12a5414b74ae4ec0875438bd155092413bb637cd1033a63c83f8057805a037
Red Hat Security Advisory 2020-2520-01
Posted Jun 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2520-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an incorrect parsing vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-16056
SHA-256 | d87cfddcf612ac9bf22c26a297c9f8853a61ae1670bca335c161610a7d81e247
Red Hat Security Advisory 2020-1605-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1605-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include crlf injection, cross-host redirect, and incorrect parsing vulnerabilities.

tags | advisory, vulnerability, python
systems | linux, redhat
advisories | CVE-2018-18074, CVE-2018-20060, CVE-2018-20852, CVE-2019-11236, CVE-2019-11324, CVE-2019-16056
SHA-256 | 3eb4d4cc738eeaf8816539a02e6c07fc0fb8726c826eb4593ecf261bf9422b6e
Red Hat Security Advisory 2020-1764-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1764-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an incorrect parsing vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-20852, CVE-2019-16056
SHA-256 | 314d4e973cd5271cd6e45db6c70b983bad6701d2b25e24a80f3dfee18465caa7
Red Hat Security Advisory 2020-1132-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1132-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This package provides the "python3" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3-libs package, which should be installed automatically along with python3. The remaining parts of the Python standard library are broken out into the python3-tkinter and python3-test packages. Issues addressed include an incorrect parsing vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-20852, CVE-2019-16056
SHA-256 | c6aa6271b8af99a97704df8b3dd3172ab2fe69a002126371ebb95f67d9f205cf
Red Hat Security Advisory 2020-1131-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1131-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an incorrect parsing vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-20852, CVE-2019-16056
SHA-256 | aaba0ee19d314db84fe1fd7611b4c0f7709d3410a2ce19e218433186d42123f2
Red Hat Security Advisory 2019-3948-01
Posted Nov 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3948-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-20852, CVE-2019-16056
SHA-256 | 113b8ba83874a9254e718d89ec1a9f257e4f0c5d77c336e659e3be030d0fabe0
Red Hat Security Advisory 2019-3725-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3725-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a null pointer vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-16056, CVE-2019-5010, CVE-2019-9740, CVE-2019-9947
SHA-256 | bbf1288026d411c841fcc3e8a74cffaf02a744569f5e0112ecfc1fdbb50d6127
Ubuntu Security Notice USN-4151-2
Posted Oct 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4151-2 - USN-4151-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-16056, CVE-2019-16935
SHA-256 | d113f0bd6b18a24f8d47226df8c3ba6a6d2753339432c2bf61db7c00a5216c91
Ubuntu Security Notice USN-4151-1
Posted Oct 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4151-1 - It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. It was discovered that the Python documentation XML-RPC server incorrectly handled certain fields. A remote attacker could use this issue to execute a cross-site scripting attack.

tags | advisory, remote, xss, python
systems | linux, ubuntu
advisories | CVE-2019-16056, CVE-2019-16935
SHA-256 | 4a31e1608bf184e87f81e9c199a87a11581e4cd063544e166657a5c58d535a49
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close