Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-24329

Опубликовано: 17 фев. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

РелизСтатусПримечание
bionic

released

2.7.17-1~18.04ubuntu1.13
devel

DNE

esm-apps/focal

released

2.7.18-1~20.04.7
esm-apps/jammy

released

2.7.18-13ubuntu1.5
esm-infra-legacy/trusty

not-affected

2.7.6-8ubuntu0.6+esm15
esm-infra/bionic

not-affected

2.7.17-1~18.04ubuntu1.13
esm-infra/xenial

released

2.7.12-1ubuntu0~16.04.18+esm5
focal

released

2.7.18-1~20.04.7
jammy

released

2.7.18-13ubuntu1.5
kinetic

ignored

end of life, was needed

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

released

3.10.6-1~22.04.2ubuntu1.1
kinetic

released

3.10.7-1ubuntu0.4
lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/jammy

released

3.11.0~rc1-1~22.04.1~esm1
esm-infra/focal

DNE

focal

DNE

jammy

needed

kinetic

ignored

end of life, was needed
lunar

not-affected

3.11.1-2
mantic

not-affected

3.11.1-2
noble

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra-legacy/trusty

needed

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of ESM support, was needed
upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-infra-legacy/trusty

not-affected

3.5.2-2ubuntu0~16.04.4~14.04.1+esm1
esm-infra/focal

DNE

esm-infra/xenial

released

3.5.2-2ubuntu0~16.04.13+esm8
focal

DNE

jammy

DNE

kinetic

DNE

trusty

ignored

end of standard support
trusty/esm

released

3.5.2-2ubuntu0~16.04.4~14.04.1+esm1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

released

3.6.9-1~18.04ubuntu1.13
esm-infra/bionic

not-affected

3.6.9-1~18.04ubuntu1.13
esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
esm-apps/bionic

released

3.7.5-2ubuntu1~18.04.2+esm3
esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
esm-apps/bionic

released

3.8.0-3ubuntu1~18.04.2+esm2
esm-infra/focal

not-affected

3.8.10-0ubuntu1~20.04.8
focal

released

3.8.10-0ubuntu1~20.04.8
jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-apps/focal

released

3.9.5-3ubuntu0~20.04.1+esm1
focal

ignored

end of standard support, was needed
jammy

DNE

kinetic

DNE

trusty

DNE

upstream

needs-triage

xenial

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%
0.0105
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2023-24329

CVSS3: 7.5
redhat
больше 2 лет назад

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

nvd логотип

CVE-2023-24329

CVSS3: 7.5
nvd
больше 2 лет назад

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

msrc логотип

CVE-2023-24329

CVSS3: 7.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2023-24329

CVSS3: 7.5
debian
больше 2 лет назад

An issue in the urllib.parse component of Python before 3.11.4 allows ...

suse-cvrf логотип

SUSE-SU-2023:2639-1

suse-cvrf
почти 2 года назад

Security update for python

EPSS

Процентиль: 77%
0.0105
Низкий

7.5 High

CVSS3

Уязвимость CVE-2023-24329