[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2019-9636 -- python2.7, python3.4, python3.5, python3.6

ID: oval:org.secpod.oval:def:1901833Date: (C)2019-06-25   (M)2023-12-20
Class: VULNERABILITYFamily: unix




Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding during NFKC normalization. The impact is: Information disclosure . The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly.

Platform:
Ubuntu 16.04
Ubuntu 18.10
Ubuntu 14.04
Ubuntu 18.04
Product:
python2.7
python3.4
python3.5
python3.6
Reference:
CVE-2019-9636
CVE    1
CVE-2019-9636
CPE    53
cpe:/a:python:python:3.3.1:rc1
cpe:/a:python:python:2.7
cpe:/a:python:python:3.2.2150
cpe:/a:python:python:3.3.4
...

© SecPod Technologies