Описание
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
A flaw was found in the Python package. An issue in the urllib.parse component could allow attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.This may lead to compromised Integrity.
Отчет
Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as 'Not affected' as they just provide "symlinks" to the main python3 component, which provides the actual interpreter of the Python programming language.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | gimp:flatpak/python2 | Affected | ||
| Red Hat Enterprise Linux 8 | inkscape:flatpak/python2 | Affected | ||
| Red Hat Enterprise Linux 8 | python36:3.6/python36 | Not affected | ||
| Red Hat Enterprise Linux 6 Extended Lifecycle Support | python | Fixed | RHSA-2023:3550 | 08.06.2023 |
| Red Hat Enterprise Linux 7 | python | Fixed | RHSA-2023:3555 | 09.06.2023 |
| Red Hat Enterprise Linux 7 | python3 | Fixed | RHSA-2023:3556 | 09.06.2023 |
| Red Hat Enterprise Linux 8 | python3 | Fixed | RHSA-2023:3591 | 14.06.2023 |
| Red Hat Enterprise Linux 8 | python3.11 | Fixed | RHSA-2023:3594 | 14.06.2023 |
| Red Hat Enterprise Linux 8 | python27 | Fixed | RHSA-2023:3780 | 22.06.2023 |
| Red Hat Enterprise Linux 8 | python38 | Fixed | RHSA-2023:3781 | 22.06.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
An issue in the urllib.parse component of Python before 3.11.4 allows ...
EPSS
7.5 High
CVSS3