Showing 1 - 17 of 17

CVE-2022-0391

Status Candidate

Overview

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.

Related Files

Gentoo Linux Security Advisory 202305-02: Posted May 3, 2023; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202305-2 - Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.; tags | advisory, arbitrary, vulnerability, code execution, python; systems | linux, gentoo; advisories | CVE-2015-20107, CVE-2021-28363, CVE-2021-28861, CVE-2021-29921, CVE-2021-3654, CVE-2022-0391, CVE-2022-37454, CVE-2022-42919, CVE-2022-45061; SHA-256 | 641b7206ae708be2456ced27dc11f8f77c8d01d6eb97ee4f516c3e6799b4e0ad; Download | Favorite | View

Red Hat Security Advisory 2023-0408-01: Posted Jan 26, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-0408-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2016-3709, CVE-2020-0256, CVE-2020-35525, CVE-2020-35527, CVE-2021-0308, CVE-2021-38561, CVE-2021-44716, CVE-2021-44717, CVE-2022-0391, CVE-2022-0934, CVE-2022-1292, CVE-2022-1304, CVE-2022-1586; SHA-256 | a788fdd2f39eb6291b7f48a9b6b53ac1c6cbe483a246d32258dd131e3bb8e8d1; Download | Favorite | View

Red Hat Security Advisory 2022-8750-01: Posted Dec 2, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8750-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2016-3709, CVE-2020-0256, CVE-2020-35525, CVE-2020-35527, CVE-2021-0308, CVE-2021-38561, CVE-2022-0391, CVE-2022-0934, CVE-2022-1292, CVE-2022-1304, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897; SHA-256 | 97a1315b0fbee0ce3f4d325b64ba96eef25047860270e8353a13efa3ba7cf84a; Download | Favorite | View

Red Hat Security Advisory 2022-7313-01: Posted Nov 3, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.; tags | advisory, remote, denial of service, vulnerability, sql injection; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2020-35525, CVE-2020-35527, CVE-2022-0391, CVE-2022-0494, CVE-2022-1353, CVE-2022-2238, CVE-2022-23816, CVE-2022-23825, CVE-2022-2509, CVE-2022-25858, CVE-2022-2588, CVE-2022-25887, CVE-2022-25896; SHA-256 | f088aaac528bedbfa16105a558b51c712895ea3407b41e433e40d884e498110f; Download | Favorite | View

Red Hat Security Advisory 2022-7058-01: Posted Oct 20, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7058-01 - OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime. This advisory contains an update for OpenShift sandboxed containers with security fixes and a bug fix. Space precludes documenting all of the updates to OpenShift sandboxed containers in this advisory. Issues addressed include a null pointer vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-24675, CVE-2022-2832, CVE-2022-29154, CVE-2022-30632, CVE-2022-32206; SHA-256 | 952618897141c2bcf07e60e877ff3c20659f892e7d4f3e17083ce9ccf958ffc0; Download | Favorite | View

Red Hat Security Advisory 2022-7055-01: Posted Oct 20, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-7055-01 - An update is now available for Red Hat Openshift distributed tracing 2.6.0. Issues addressed include denial of service and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2021-3918, CVE-2022-0391, CVE-2022-0536, CVE-2022-1292, CVE-2022-1586, CVE-2022-1650, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-24785, CVE-2022-31129; SHA-256 | 5fff960e2fde02a4f151b249992ebb605527410d45341b4ecb9b0c5b43db1262; Download | Favorite | View

Red Hat Security Advisory 2022-6954-01: Posted Oct 17, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6954-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix security issues and several bugs. Issues addressed include denial of service and remote SQL injection vulnerabilities.; tags | advisory, remote, denial of service, vulnerability, sql injection; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-2238, CVE-2022-34903; SHA-256 | fda3772db47bbb97412abbca356027a1b9d45258ea5b87563a25fd016a40589a; Download | Favorite | View

Red Hat Security Advisory 2022-6696-01: Posted Sep 27, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6696-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include crlf injection and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2020-28915, CVE-2021-40528, CVE-2022-0391, CVE-2022-1012, CVE-2022-1292, CVE-2022-1586, CVE-2022-1729, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-21123; SHA-256 | 93b0f967c0fc17f3ba55a522337de68e746328883ab6a3bcc0a9d9569b072751; Download | Favorite | View

Red Hat Security Advisory 2022-6714-01: Posted Sep 27, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6714-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes new features and bug fixes.; tags | advisory; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-1292, CVE-2022-1586, CVE-2022-1785, CVE-2022-1897, CVE-2022-1927, CVE-2022-2068, CVE-2022-2097, CVE-2022-24675, CVE-2022-24921, CVE-2022-28327, CVE-2022-29154, CVE-2022-29526; SHA-256 | 69050ff141090bf4e5efd74a234911043d10d39b379930b9257258af6d9efab7; Download | Favorite | View

Red Hat Security Advisory 2022-6560-01: Posted Sep 26, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6560-01 - An update is now available for OpenShift Logging 5.3.12 Red Hat Product Security has rated this update as having a security impact of Moderate.; tags | advisory; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-29154, CVE-2022-30631, CVE-2022-32206, CVE-2022-32208, CVE-2022-34903; SHA-256 | d134f436fdff639de70a03b7b3975885bf861fbed06c5479cdbcb07453bd6f5d; Download | Favorite | View

Red Hat Security Advisory 2022-6536-01: Posted Sep 22, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.5.; tags | advisory; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2021-3121, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-28199, CVE-2022-30629, CVE-2022-34903; SHA-256 | 0c76c344a24ad9f294e5e60b3ecf6b5cbee617962cc0ff63f7cf784cc0666fc0; Download | Favorite | View

Red Hat Security Advisory 2022-6537-01: Posted Sep 20, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6537-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5. Issues addressed include denial of service and out of bounds read vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2021-38561, CVE-2022-0391, CVE-2022-21123, CVE-2022-21125, CVE-2022-21166, CVE-2022-21698, CVE-2022-34903; SHA-256 | 735b783c45f9b58ea138e108a34335ff5637f28e24d124171612b58ece201b35; Download | Favorite | View

Red Hat Security Advisory 2022-6457-01: Posted Sep 13, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-6457-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2015-20107, CVE-2022-0391; SHA-256 | 7266239c22b575a90f6bb3ad0f599c5c7156dfbfcf1d73eddfcff1d1b3d2334a; Download | Favorite | View

Red Hat Security Advisory 2022-1821-01: Posted May 11, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1821-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, python; systems | linux, redhat; advisories | CVE-2021-3733, CVE-2021-3737, CVE-2021-4189, CVE-2021-43818, CVE-2022-0391; SHA-256 | 7f5d07cb76947dd97d0ef4499761f3a21f5ac6ce8b664d628ff9051f4d8f3ad5; Download | Favorite | View

Red Hat Security Advisory 2022-1764-01: Posted May 11, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1764-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, python; systems | linux, redhat; advisories | CVE-2021-3733, CVE-2021-3737, CVE-2021-43818, CVE-2022-0391; SHA-256 | 7031e93a404f5038380ef83ca82a615ac3678cf775d367c8e05fb73cb59cd5b0; Download | Favorite | View

Red Hat Security Advisory 2022-1663-01: Posted May 2, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1663-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, python; systems | linux, redhat; advisories | CVE-2021-3733, CVE-2021-3737, CVE-2021-4189, CVE-2022-0391; SHA-256 | 6432414f7b8a6571ed395cf657578903108760e6c22f8983c8ddccfd17747480; Download | Favorite | View

Ubuntu Security Notice USN-5342-1: Posted Mar 28, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5342-1 - David Schwoerer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS.; tags | advisory, python; systems | linux, ubuntu; advisories | CVE-2021-3426, CVE-2021-4189, CVE-2022-0391; SHA-256 | aca89396ae01c0e23570722cce601216500351c0043e555ec3a5618cec852ea8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2022-0391

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems