An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.
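The following Python block is an added illustration of the injection mechanism described above and of the check the fix versions carry; it is not part of the CVE record and not CPython's own code. It re-creates how an unpatched http.client serialised the request line (the URL was formatted straight into `METHOD URL VERSION\r\n` with no inspection), restates the control-character class the fix rejects (`[\x00-\x20\x7f]`), shows the percent-encoding an application should apply to untrusted query values, and probes the running interpreter offline by calling `putrequest` on a connection that is never opened. The Redis command `SET injected 1`, the 127.0.0.1:6379 target and all function names are constructed for this example.

```python
import re
import http.client
from urllib.parse import urlencode, urlsplit, urlunsplit

# Re-statement (for illustration) of the character class the CPython fix
# rejects in http.client.putrequest: NUL through space, plus DEL.
_DISALLOWED_URL_CHAR = re.compile(r"[\x00-\x20\x7f]")

# Constructed attacker-controlled value: a query string that smuggles a Redis
# command after the CRLF the advisory describes.
INJECTED_QUERY = "\r\nSET injected 1\r\n"
TARGET = "http://127.0.0.1:6379/?" + INJECTED_QUERY  # hypothetical target


def unpatched_request_line(method: str, url: str, http_version: str = "HTTP/1.1") -> str:
    """Simulate how an unpatched http.client serialised the request line.

    Pre-fix code formatted method, URL and version into
    '<method> <url> <version>\\r\\n' without inspecting the URL, so a CRLF
    inside the URL ends the request line early. Deliberate re-creation of
    the vulnerable behaviour, not the library's code.
    """
    return "%s %s %s\r\n" % (method, url, http_version)


def injected_lines(method: str, url: str) -> list:
    """Return every extra line an unpatched client would emit for this URL."""
    raw = unpatched_request_line(method, url)
    lines = raw.split("\r\n")
    # lines[0] is the legitimate request line; anything after it was injected.
    return [line for line in lines[1:] if line]


def url_has_control_chars(url: str) -> bool:
    """The check the fix adds: reject a request target containing control chars."""
    return _DISALLOWED_URL_CHAR.search(url) is not None


def safe_url(base: str, params: dict) -> str:
    """Build a URL from untrusted query parameters without CRLF risk.

    urlencode percent-encodes CR and LF (as %0D and %0A), so the request
    line cannot be broken even on an unpatched interpreter.
    """
    parts = urlsplit(base)
    return urlunsplit(parts._replace(query=urlencode(params)))


def interpreter_rejects_crlf() -> bool:
    """Probe the running interpreter offline.

    putrequest() only buffers the request line; it does not open a socket,
    so this never touches the network. Patched versions raise InvalidURL
    before buffering anything; unpatched versions accept the URL silently.
    """
    conn = http.client.HTTPConnection("127.0.0.1", 1)
    try:
        conn.putrequest("GET", "/?" + INJECTED_QUERY)
    except http.client.InvalidURL:
        return True
    finally:
        conn.close()
    return False


if __name__ == "__main__":
    print("lines an unpatched client would send:", injected_lines("GET", "/?" + INJECTED_QUERY))
    print("control chars in target:", url_has_control_chars("/?" + INJECTED_QUERY))
    print("safe encoding:", safe_url("http://127.0.0.1:6379/", {"q": INJECTED_QUERY}))
    print("this interpreter rejects CRLF in URLs:", interpreter_rejects_crlf())
```

On a fixed interpreter `urllib.request.urlopen(TARGET)` raises `http.client.InvalidURL` before any connection is made; on an affected one the request line splits at the first CRLF and the smuggled `SET injected 1` reaches whatever is listening on the port. Treat `safe_url` as the application-side control: even with a patched runtime, percent-encoding untrusted query values is what keeps a user-supplied string from ever being interpreted as protocol syntax.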
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
http://www.openwall.com/lists/oss-security/2021/02/04/2
http://www.securityfocus.com/bid/107466
https://access.redhat.com/errata/RHSA-2019:1260
https://access.redhat.com/errata/RHSA-2019:2030
https://access.redhat.com/errata/RHSA-2019:3335
https://access.redhat.com/errata/RHSA-2019:3520
https://access.redhat.com/errata/RHSA-2019:3725
https://bugs.python.org/issue36276
https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html
https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html
https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html
https://seclists.org/bugtraq/2019/Oct/29
https://security.gentoo.org/glsa/202003-26
https://security.netapp.com/advisory/ntap-20190619-0005/
Source: MITRE
Published: 2019-03-13
Updated: 2021-02-04
Type: CWE-93
CVSS v2 Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
CVSS v3.0 Base Score: 6.1
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Impact Score: 2.7
Exploitability Score: 2.8
Severity: MEDIUM
Affected configurations (CPE, OR of the following):
cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 2.0 to 2.7.16 (inclusive)
cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.0.0 to 3.7.2 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
145658 | CentOS 8 : python3 (CESA-2019:3520) | Nessus | CentOS Local Security Checks | medium |
145618 | CentOS 8 : python27:2.7 (CESA-2019:3335) | Nessus | CentOS Local Security Checks | high |
140089 | Amazon Linux AMI : python34 (ALAS-2020-1429) | Nessus | Amazon Linux Local Security Checks | medium |
140087 | Amazon Linux AMI : python36 (ALAS-2020-1428) | Nessus | Amazon Linux Local Security Checks | medium |
139757 | Debian DLA-2337-1 : python2.7 security update | Nessus | Debian Local Security Checks | medium |
138529 | Debian DLA-2280-1 : python3.5 security update | Nessus | Debian Local Security Checks | medium |
137485 | EulerOS 2.0 SP2 : python-urllib3 (EulerOS-SA-2020-1643) | Nessus | Huawei Local Security Checks | medium |
135459 | RHEL 7 : python (RHSA-2020:1462) | Nessus | Red Hat Local Security Checks | medium |
135247 | RHEL 7 : python (RHSA-2020:1346) | Nessus | Red Hat Local Security Checks | medium |
135089 | RHEL 7 : python (RHSA-2020:1268) | Nessus | Red Hat Local Security Checks | medium |
134741 | EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1275) | Nessus | Huawei Local Security Checks | medium |
134603 | GLSA-202003-26 : Python: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium |
134501 | EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1212) | Nessus | Huawei Local Security Checks | medium |
132508 | NewStart CGSL CORE 5.05 / MAIN 5.05 : python Multiple Vulnerabilities (NS-SA-2019-0229) | Nessus | NewStart CGSL Local Security Checks | medium |
132188 | EulerOS 2.0 SP3 : python (EulerOS-SA-2019-2653) | Nessus | Huawei Local Security Checks | medium |
131596 | EulerOS 2.0 SP2 : python (EulerOS-SA-2019-2442) | Nessus | Huawei Local Security Checks | medium |
131244 | Amazon Linux AMI : python34 (ALAS-2019-1324) | Nessus | Amazon Linux Local Security Checks | medium |
130797 | Fedora 29 : python35 (2019-d202cda4f8) | Nessus | Fedora Local Security Checks | medium |
130793 | Fedora 30 : python35 (2019-b06ec6159b) | Nessus | Fedora Local Security Checks | medium |
130784 | Fedora 31 : python35 (2019-57462fa10d) | Nessus | Fedora Local Security Checks | medium |
130701 | EulerOS 2.0 SP3 : python-urllib3 (EulerOS-SA-2019-2239) | Nessus | Huawei Local Security Checks | medium |
130687 | EulerOS 2.0 SP5 : python (EulerOS-SA-2019-2225) | Nessus | Huawei Local Security Checks | medium |
130548 | RHEL 8 : python3 (RHSA-2019:3520) | Nessus | Red Hat Local Security Checks | medium |
130527 | RHEL 8 : python27:2.7 (RHSA-2019:3335) | Nessus | Red Hat Local Security Checks | high |
130079 | Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-293-01) | Nessus | Slackware Local Security Checks | medium |
129884 | NewStart CGSL CORE 5.04 / MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0187) | Nessus | NewStart CGSL Local Security Checks | medium |
128865 | openSUSE Security Update : python-urllib3 (openSUSE-2019-2133) | Nessus | SuSE Local Security Checks | medium |
128864 | openSUSE Security Update : python-urllib3 (openSUSE-2019-2131) | Nessus | SuSE Local Security Checks | medium |
128631 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : python2.7, python3.5, python3.6, python3.7 vulnerabilities (USN-4127-1) | Nessus | Ubuntu Local Security Checks | medium |
128333 | CentOS 7 : python (CESA-2019:2030) | Nessus | CentOS Local Security Checks | medium |
128254 | Scientific Linux Security Update : python on SL7.x x86_64 (20190806) | Nessus | Scientific Linux Local Security Checks | medium |
127651 | RHEL 7 : python (RHSA-2019:2030) | Nessus | Red Hat Local Security Checks | medium |
127127 | Ansible Tower 3.3.x < 3.3.6 / 3.4.x < 3.4.4 / 3.5.x < 3.5.1 CRLF Vulnerability | Nessus | CGI abuses | medium |
127071 | Amazon Linux AMI : python35 (ALAS-2019-1243) | Nessus | Amazon Linux Local Security Checks | medium |
127070 | Amazon Linux AMI : python34 (ALAS-2019-1242) | Nessus | Amazon Linux Local Security Checks | medium |
126959 | Amazon Linux 2 : python3 (ALAS-2019-1247) | Nessus | Amazon Linux Local Security Checks | medium |
126667 | FreeBSD : python 3.7 -- multiple vulnerabilities (a449c604-a43a-11e9-b422-fcaa147e860e) | Nessus | FreeBSD Local Security Checks | medium |
126659 | Fedora 29 : python36 (2019-7df59302e0) | Nessus | Fedora Local Security Checks | medium |
126658 | Fedora 30 : python36 (2019-7723d4774a) | Nessus | Fedora Local Security Checks | medium |
126534 | FreeBSD : python 3.6 -- multiple vulnerabilities (18ed9650-a1d6-11e9-9b17-fcaa147e860e) | Nessus | FreeBSD Local Security Checks | medium |
126346 | Amazon Linux AMI : python27 (ALAS-2019-1230) | Nessus | Amazon Linux Local Security Checks | medium |
126285 | EulerOS 2.0 SP8 : python3 (EulerOS-SA-2019-1658) | Nessus | Huawei Local Security Checks | medium |
126284 | EulerOS 2.0 SP8 : python2 (EulerOS-SA-2019-1657) | Nessus | Huawei Local Security Checks | medium |
126223 | Debian DLA-1835-2 : python3.4 regression update | Nessus | Debian Local Security Checks | medium |
126222 | Debian DLA-1834-1 : python2.7 security update | Nessus | Debian Local Security Checks | medium |
126201 | Photon OS 1.0: Python3 PHSA-2019-1.0-0237 | Nessus | PhotonOS Local Security Checks | high |
126200 | Photon OS 1.0: Python2 PHSA-2019-1.0-0237 | Nessus | PhotonOS Local Security Checks | high |
126123 | Photon OS 1.0: Python2 PHSA-2019-1.0-0236 | Nessus | PhotonOS Local Security Checks | high |
125604 | Amazon Linux AMI : python36 (ALAS-2019-1204) | Nessus | Amazon Linux Local Security Checks | medium |
125434 | Fedora 29 : python3 (2019-ec26883852) | Nessus | Fedora Local Security Checks | medium |
125229 | Fedora 30 : python3 (2019-1ffd6b6064) | Nessus | Fedora Local Security Checks | medium |