exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2019-9740

Status Candidate

Overview

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.

Related Files

Red Hat Security Advisory 2020-1462-01
Posted Apr 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1462-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2018-14647, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
SHA-256 | 13cad2f3b24f9bcb2ffc46f612f937821b8385d1c587da44e80913794075e4a9
Red Hat Security Advisory 2020-1346-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1346-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
SHA-256 | 214f2f6e6d5aaafa4d2104aef7abb772d7a90dbdd57dda1cd516c8b7253b9d4b
Red Hat Security Advisory 2020-1268-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1268-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
SHA-256 | 30344eddc0f59f27bbc3bad70f1d316ba384793bcad4f0e16e37ed8e9972ff72
Gentoo Linux Security Advisory 202003-26
Posted Mar 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-26 - Multiple vulnerabilities have been found in Python, the worst of which could result in a Denial of Service condition. Versions less than 2.7.17:2.7 are affected.

tags | advisory, denial of service, vulnerability, python
systems | linux, gentoo
advisories | CVE-2018-20852, CVE-2019-5010, CVE-2019-9636, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
SHA-256 | 48a9f63e52b9d0580896b559ad4cc27cff258f6f1bae6a868f93bbfeadcc471d
Red Hat Security Advisory 2019-3725-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3725-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a null pointer vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-16056, CVE-2019-5010, CVE-2019-9740, CVE-2019-9947
SHA-256 | bbf1288026d411c841fcc3e8a74cffaf02a744569f5e0112ecfc1fdbb50d6127
Red Hat Security Advisory 2019-3335-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3335-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. Issues addressed include bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution, python
systems | linux, redhat
advisories | CVE-2019-11236, CVE-2019-11324, CVE-2019-6446, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
SHA-256 | d69b5430e2258157becca225b221e9e2e5f121f9a5cc57019e4805a9f9f7060b
Red Hat Security Advisory 2019-3520-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3520-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, vulnerability, python
systems | linux, redhat
advisories | CVE-2019-5010, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
SHA-256 | 4b6bc25442fb61ab80df04143efdced31f55314918220e0140e45c1f2931ec2d
Slackware Security Advisory - python Updates
Posted Oct 21, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, python
systems | linux, slackware
advisories | CVE-2019-15903, CVE-2019-9740, CVE-2019-9948
SHA-256 | 6e16f3aa88276b6f120411e834953cbd8b1d1e3547deb2d4e80297d7c49b6eb3
Red Hat Security Advisory 2019-2030-01
Posted Aug 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2030-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include bypass and null pointer vulnerabilities.

tags | advisory, vulnerability, python
systems | linux, redhat
advisories | CVE-2018-14647, CVE-2019-5010, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
SHA-256 | 6fd91245102802a006109694bf2cbf504a8440df92fcea71cc7c5cb6ed8f2681
Red Hat Security Advisory 2019-1260-01
Posted May 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1260-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2016-10745, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2019-9740, CVE-2019-9947
SHA-256 | 05618523951e266d43a52069da1f0ba34d7ea40ab7b10ec9fbdc045f2a7608d6
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close