Vulnerabilites related to bottlepy - bottle
Vulnerability from fkie_nvd
Published
2021-01-18 12:15
Modified
2024-11-21 05:22
Severity ?
Summary
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.
References
▼ | URL | Tags | |
---|---|---|---|
report@snyk.io | https://github.com/bottlepy/bottle | Product, Third Party Advisory | |
report@snyk.io | https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html | Third Party Advisory | |
report@snyk.io | https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/ | Third Party Advisory | |
report@snyk.io | https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bottlepy/bottle | Product, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
bottlepy | bottle | * | |
debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bottlepy:bottle:*:*:*:*:*:*:*:*", matchCriteriaId: "6C2A48B7-D939-4AB5-A241-4071D99F0033", versionEndExcluding: "0.12.19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.", }, { lang: "es", value: "El paquete bottle desde versiones 0 y anteriores a 0.12.19, es vulnerable al Envenenamiento de Caché Web al usar un vector llamado encubrimiento de parámetros. Cuando el atacante puede separar los parámetros de consulta usando un punto y coma (;), pueden causar una diferencia en la interpretación de la petición entre el proxy (que se ejecuta con la configuración predeterminada) y el servidor. Esto puede resultar en que las peticiones maliciosas se almacenen en caché como completamente seguras, ya que el proxy normalmente no vería el punto y coma como un separador y, por lo tanto, no lo incluiría en una clave de caché de un parámetro sin clave", }, ], id: "CVE-2020-28473", lastModified: "2024-11-21T05:22:51.990", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.2, source: "report@snyk.io", type: "Secondary", }, ], }, published: "2021-01-18T12:15:12.707", references: [ { source: "report@snyk.io", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-16 09:59
Modified
2024-11-21 03:02
Severity ?
Summary
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.debian.org/security/2016/dsa-3743 | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/94961 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://github.com/bottlepy/bottle/issues/913 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3743 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94961 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bottlepy/bottle/issues/913 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
bottlepy | bottle | 0.12.10 | |
debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bottlepy:bottle:0.12.10:*:*:*:*:*:*:*", matchCriteriaId: "7C61B220-6383-4108-8B6D-D1394CDB4C5C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "redirect() in bottle.py in bottle 0.12.10 doesn't filter a \"\\r\\n\" sequence, which leads to a CRLF attack, as demonstrated by a redirect(\"233\\r\\nSet-Cookie: name=salt\") call.", }, { lang: "es", value: "redirect() en bottle.py en bottle 0.12.10 no filtra una secuencia \"\\r\\n\", lo que lleva a un ataque CRLF, según lo demostrado por una llamada redireccionada (\"233\\r\\nSet-Cookie: name=salt\").", }, ], id: "CVE-2016-9964", lastModified: "2024-11-21T03:02:05.627", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-16T09:59:00.373", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3743", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94961", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/issues/913", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94961", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/issues/913", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-93", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-10-25 22:55
Modified
2024-11-21 02:07
Severity ?
Summary
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
bottlepy | bottle | 0.10.0 | |
bottlepy | bottle | 0.10.1 | |
bottlepy | bottle | 0.10.2 | |
bottlepy | bottle | 0.10.3 | |
bottlepy | bottle | 0.10.4 | |
bottlepy | bottle | 0.10.5 | |
bottlepy | bottle | 0.10.6 | |
bottlepy | bottle | 0.10.7 | |
bottlepy | bottle | 0.10.8 | |
bottlepy | bottle | 0.10.9 | |
bottlepy | bottle | 0.10.10 | |
bottlepy | bottle | 0.10.11 | |
bottlepy | bottle | 0.11.0 | |
bottlepy | bottle | 0.11.1 | |
bottlepy | bottle | 0.11.2 | |
bottlepy | bottle | 0.11.3 | |
bottlepy | bottle | 0.11.4 | |
bottlepy | bottle | 0.11.5 | |
bottlepy | bottle | 0.11.6 | |
bottlepy | bottle | 0.11.7 | |
bottlepy | bottle | 0.12.0 | |
bottlepy | bottle | 0.12.1 | |
bottlepy | bottle | 0.12.2 | |
bottlepy | bottle | 0.12.3 | |
bottlepy | bottle | 0.12.4 | |
bottlepy | bottle | 0.12.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.0:*:*:*:*:*:*:*", matchCriteriaId: "E058D585-505D-40C8-981C-777FAD4CE76E", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.1:*:*:*:*:*:*:*", matchCriteriaId: "C6A873B4-3514-43C6-A56C-864F5C7D32A6", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.2:*:*:*:*:*:*:*", matchCriteriaId: "05A9FBC1-3913-4415-9252-BAD64E7BAE24", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.3:*:*:*:*:*:*:*", matchCriteriaId: "F2C4AB11-2FE1-4838-9EB1-D717EF9C1913", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.4:*:*:*:*:*:*:*", matchCriteriaId: "6F182340-E3D4-4154-87F5-C7250F72CA29", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.5:*:*:*:*:*:*:*", matchCriteriaId: "54C815D7-B32C-48C3-93F1-E880663AA40C", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.6:*:*:*:*:*:*:*", matchCriteriaId: "65727781-59B5-4B85-8A69-A941AF7FD96C", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.7:*:*:*:*:*:*:*", matchCriteriaId: "B206DC38-5709-476A-8E07-62274DC723DF", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.8:*:*:*:*:*:*:*", matchCriteriaId: "29775171-7DBF-49AE-9C50-2F4F459BD001", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.9:*:*:*:*:*:*:*", matchCriteriaId: "C98DD99B-DED7-479E-A667-EF25250258C1", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.10:*:*:*:*:*:*:*", matchCriteriaId: "0F045CA7-D851-451C-B92C-58C4680ADA72", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.10.11:*:*:*:*:*:*:*", matchCriteriaId: "43C3596D-6479-4D86-87F4-AC2515F18606", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.0:*:*:*:*:*:*:*", matchCriteriaId: "22C49C4C-50F7-483A-83DF-B9661EB18CB5", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.1:*:*:*:*:*:*:*", matchCriteriaId: "D5748B16-B590-432E-936F-96E7AD4DFF46", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.2:*:*:*:*:*:*:*", matchCriteriaId: "F1B60D53-D42D-4242-BED9-846002E04602", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.3:*:*:*:*:*:*:*", matchCriteriaId: "9E16DC59-B939-4364-8021-BDDCBFF9932E", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.4:*:*:*:*:*:*:*", matchCriteriaId: "AA02677A-55EB-4013-AEF1-1B0036C4CF7E", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.5:*:*:*:*:*:*:*", matchCriteriaId: "EE4581ED-8D26-46C5-91C3-16D0ACB46B04", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.6:*:*:*:*:*:*:*", matchCriteriaId: "057AA722-33F9-47A2-BC3F-5B3DF6C5539E", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.11.7:*:*:*:*:*:*:*", matchCriteriaId: "2CF7BE61-6F01-4698-A556-B2A0BAA6590D", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.12.0:*:*:*:*:*:*:*", matchCriteriaId: "08006A0E-C85B-498A-9D72-C523D6D2D119", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.12.1:*:*:*:*:*:*:*", matchCriteriaId: "AAE099C5-0490-4CD7-8DFD-9FA8B8A7BF02", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.12.2:*:*:*:*:*:*:*", matchCriteriaId: "CBA3D830-1F84-4FCE-BD9D-0698E38DBD71", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.12.3:*:*:*:*:*:*:*", matchCriteriaId: "D45AFE66-EF46-4A46-BBDA-493CCCFDE199", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.12.4:*:*:*:*:*:*:*", matchCriteriaId: "43F38F6F-2A6C-406E-9756-1F41B70F8B87", vulnerable: true, }, { criteria: "cpe:2.3:a:bottlepy:bottle:0.12.5:*:*:*:*:*:*:*", matchCriteriaId: "C6C4A37C-90A0-4DCF-BC9D-BC21CCFD430D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.", }, { lang: "es", value: "Bottle 0.10.x anterior a 0.10.12, 0.11.x anterior a 0.11.7, y 0.12.x anterior a 0.12.6 no limita debidamente los tipos de contenido, lo que permite a atacantes remotos evadir las restricciones de acceso a través de un tipo de contenido aceptado seguido por un ; (punto y coma) y un tipo de contenido que no sería aceptado, tal y como fue demostrado en YouCompleteMe en ejecutar código arbitrario.", }, ], id: "CVE-2014-3137", lastModified: "2024-11-21T02:07:31.463", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-10-25T22:55:04.227", references: [ { source: "cve@mitre.org", url: "http://www.debian.org/security/2014/dsa-2948", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2014/05/01/15", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093255", }, { source: "cve@mitre.org", url: "https://github.com/defnull/bottle/issues/616", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2014/dsa-2948", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2014/05/01/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/defnull/bottle/issues/616", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-02 14:15
Modified
2024-11-21 07:05
Severity ?
Summary
Bottle before 0.12.20 mishandles errors during early request binding.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
bottlepy | bottle | * | |
debian | debian_linux | 9.0 | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bottlepy:bottle:*:*:*:*:*:*:*:*", matchCriteriaId: "8A477F9C-0555-4001-B286-1360CCAEB8D9", versionEndExcluding: "0.12.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Bottle before 0.12.20 mishandles errors during early request binding.", }, { lang: "es", value: "Bottle versiones anteriores a 0.12.20, maneja inapropiadamente los errores durante la vinculación temprana de peticiones", }, ], id: "CVE-2022-31799", lastModified: "2024-11-21T07:05:21.203", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-02T14:15:58.213", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5159", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5159", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2016-9964
Vulnerability from cvelistv5
Published
2016-12-16 09:02
Modified
2024-08-06 03:07
Severity ?
EPSS score ?
Summary
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
References
▼ | URL | Tags |
---|---|---|
https://github.com/bottlepy/bottle/issues/913 | x_refsource_CONFIRM | |
https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54 | x_refsource_CONFIRM | |
http://www.debian.org/security/2016/dsa-3743 | vendor-advisory, x_refsource_DEBIAN | |
http://www.securityfocus.com/bid/94961 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T03:07:31.418Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/bottlepy/bottle/issues/913", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54", }, { name: "DSA-3743", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3743", }, { name: "94961", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94961", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-12-16T00:00:00", descriptions: [ { lang: "en", value: "redirect() in bottle.py in bottle 0.12.10 doesn't filter a \"\\r\\n\" sequence, which leads to a CRLF attack, as demonstrated by a redirect(\"233\\r\\nSet-Cookie: name=salt\") call.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-01-04T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/bottlepy/bottle/issues/913", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54", }, { name: "DSA-3743", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3743", }, { name: "94961", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94961", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-9964", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "redirect() in bottle.py in bottle 0.12.10 doesn't filter a \"\\r\\n\" sequence, which leads to a CRLF attack, as demonstrated by a redirect(\"233\\r\\nSet-Cookie: name=salt\") call.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/bottlepy/bottle/issues/913", refsource: "CONFIRM", url: "https://github.com/bottlepy/bottle/issues/913", }, { name: "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54", refsource: "CONFIRM", url: "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54", }, { name: "DSA-3743", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3743", }, { name: "94961", refsource: "BID", url: "http://www.securityfocus.com/bid/94961", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-9964", datePublished: "2016-12-16T09:02:00", dateReserved: "2016-12-16T00:00:00", dateUpdated: "2024-08-06T03:07:31.418Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31799
Vulnerability from cvelistv5
Published
2022-05-29 21:25
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
Bottle before 0.12.20 mishandles errors during early request binding.
References
▼ | URL | Tags |
---|---|---|
https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00 | x_refsource_MISC | |
https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c | x_refsource_MISC | |
https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20 | x_refsource_MISC | |
https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html | mailing-list, x_refsource_MLIST | |
https://www.debian.org/security/2022/dsa-5159 | vendor-advisory, x_refsource_DEBIAN | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/ | vendor-advisory, x_refsource_FEDORA | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:26:01.088Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20", }, { name: "[debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html", }, { name: "DSA-5159", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5159", }, { name: "FEDORA-2022-c1e107f37f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/", }, { name: "FEDORA-2022-cc9a173168", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Bottle before 0.12.20 mishandles errors during early request binding.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-22T02:06:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20", }, { name: "[debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html", }, { name: "DSA-5159", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5159", }, { name: "FEDORA-2022-c1e107f37f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/", }, { name: "FEDORA-2022-cc9a173168", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-31799", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bottle before 0.12.20 mishandles errors during early request binding.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00", refsource: "MISC", url: "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00", }, { name: "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c", refsource: "MISC", url: "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c", }, { name: "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20", refsource: "MISC", url: "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20", }, { name: "[debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html", }, { name: "DSA-5159", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5159", }, { name: "FEDORA-2022-c1e107f37f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/", }, { name: "FEDORA-2022-cc9a173168", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-31799", datePublished: "2022-05-29T21:25:44", dateReserved: "2022-05-29T00:00:00", dateUpdated: "2024-08-03T07:26:01.088Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-28473
Vulnerability from cvelistv5
Published
2021-01-18 11:15
Modified
2024-09-16 20:41
Severity ?
EPSS score ?
Summary
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.
References
▼ | URL | Tags |
---|---|---|
https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108 | x_refsource_MISC | |
https://github.com/bottlepy/bottle | x_refsource_MISC | |
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/ | x_refsource_CONFIRM | |
https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html | mailing-list, x_refsource_MLIST |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:40:58.665Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/bottlepy/bottle", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/", }, { name: "[debian-lts-announce] 20210124 [SECURITY] [DLA 2531-1] python-bottle security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "bottle", vendor: "n/a", versions: [ { lessThan: "unspecified", status: "affected", version: "0", versionType: "custom", }, { lessThan: "0.12.19", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Snyk Security Team", }, ], datePublic: "2021-01-18T00:00:00", descriptions: [ { lang: "en", value: "The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "HIGH", privilegesRequired: "NONE", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 6.1, temporalSeverity: "MEDIUM", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Web Cache Poisoning", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-01-24T21:06:09", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/bottlepy/bottle", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/", }, { name: "[debian-lts-announce] 20210124 [SECURITY] [DLA 2531-1] python-bottle security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html", }, ], title: "Web Cache Poisoning", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2021-01-18T11:12:14.506344Z", ID: "CVE-2020-28473", STATE: "PUBLIC", TITLE: "Web Cache Poisoning", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "bottle", version: { version_data: [ { version_affected: ">=", version_value: "0", }, { version_affected: "<", version_value: "0.12.19", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Snyk Security Team", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Web Cache Poisoning", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108", }, { name: "https://github.com/bottlepy/bottle", refsource: "MISC", url: "https://github.com/bottlepy/bottle", }, { name: "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/", refsource: "CONFIRM", url: "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/", }, { name: "[debian-lts-announce] 20210124 [SECURITY] [DLA 2531-1] python-bottle security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2020-28473", datePublished: "2021-01-18T11:15:14.918598Z", dateReserved: "2020-11-12T00:00:00", dateUpdated: "2024-09-16T20:41:35.337Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-3137
Vulnerability from cvelistv5
Published
2014-10-25 22:00
Modified
2024-08-06 10:35
Severity ?
EPSS score ?
Summary
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.
References
▼ | URL | Tags |
---|---|---|
https://github.com/defnull/bottle/issues/616 | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=1093255 | x_refsource_CONFIRM | |
http://www.openwall.com/lists/oss-security/2014/05/01/15 | mailing-list, x_refsource_MLIST | |
http://www.debian.org/security/2014/dsa-2948 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:35:56.668Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/defnull/bottle/issues/616", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093255", }, { name: "[oss-security] 20140501 Re: CVE request: Python Bottle JSON content-type not restrictive enough", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/05/01/15", }, { name: "DSA-2948", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2948", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-05-01T00:00:00", descriptions: [ { lang: "en", value: "Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-10-25T21:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/defnull/bottle/issues/616", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093255", }, { name: "[oss-security] 20140501 Re: CVE request: Python Bottle JSON content-type not restrictive enough", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/05/01/15", }, { name: "DSA-2948", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2948", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-3137", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/defnull/bottle/issues/616", refsource: "CONFIRM", url: "https://github.com/defnull/bottle/issues/616", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1093255", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1093255", }, { name: "[oss-security] 20140501 Re: CVE request: Python Bottle JSON content-type not restrictive enough", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/05/01/15", }, { name: "DSA-2948", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2948", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-3137", datePublished: "2014-10-25T22:00:00", dateReserved: "2014-05-01T00:00:00", dateUpdated: "2024-08-06T10:35:56.668Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }