CVE-2019-9740

MEDIUM

Description

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.

References

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html

http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

http://www.openwall.com/lists/oss-security/2021/02/04/2

http://www.securityfocus.com/bid/107466

https://access.redhat.com/errata/RHSA-2019:1260

https://access.redhat.com/errata/RHSA-2019:2030

https://access.redhat.com/errata/RHSA-2019:3335

https://access.redhat.com/errata/RHSA-2019:3520

https://access.redhat.com/errata/RHSA-2019:3725

https://bugs.python.org/issue36276

https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html

https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html

https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html

https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

https://seclists.org/bugtraq/2019/Oct/29

https://security.gentoo.org/glsa/202003-26

https://security.netapp.com/advisory/ntap-20190619-0005/

https://usn.ubuntu.com/4127-1/

https://usn.ubuntu.com/4127-2/

Details

Source: MITRE

Published: 2019-03-13

Updated: 2021-02-04

Type: CWE-93

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 2.0 to 2.7.16 (inclusive)

cpe:2.3:a:python:python:*:*:*:*:*:*:*:* versions from 3.0.0 to 3.7.2 (inclusive)

Tenable Plugins

51 plugins in total.

ID     | Name | Product | Family | Severity
-------|------|---------|--------|---------
145658 | CentOS 8 : python3 (CESA-2019:3520) | Nessus | CentOS Local Security Checks | medium
145618 | CentOS 8 : python27:2.7 (CESA-2019:3335) | Nessus | CentOS Local Security Checks | high
140089 | Amazon Linux AMI : python34 (ALAS-2020-1429) | Nessus | Amazon Linux Local Security Checks | medium
140087 | Amazon Linux AMI : python36 (ALAS-2020-1428) | Nessus | Amazon Linux Local Security Checks | medium
139757 | Debian DLA-2337-1 : python2.7 security update | Nessus | Debian Local Security Checks | medium
138529 | Debian DLA-2280-1 : python3.5 security update | Nessus | Debian Local Security Checks | medium
137485 | EulerOS 2.0 SP2 : python-urllib3 (EulerOS-SA-2020-1643) | Nessus | Huawei Local Security Checks | medium
135459 | RHEL 7 : python (RHSA-2020:1462) | Nessus | Red Hat Local Security Checks | medium
135247 | RHEL 7 : python (RHSA-2020:1346) | Nessus | Red Hat Local Security Checks | medium
135089 | RHEL 7 : python (RHSA-2020:1268) | Nessus | Red Hat Local Security Checks | medium
134741 | EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1275) | Nessus | Huawei Local Security Checks | medium
134603 | GLSA-202003-26 : Python: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium
134501 | EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1212) | Nessus | Huawei Local Security Checks | medium
132508 | NewStart CGSL CORE 5.05 / MAIN 5.05 : python Multiple Vulnerabilities (NS-SA-2019-0229) | Nessus | NewStart CGSL Local Security Checks | medium
132188 | EulerOS 2.0 SP3 : python (EulerOS-SA-2019-2653) | Nessus | Huawei Local Security Checks | medium
131596 | EulerOS 2.0 SP2 : python (EulerOS-SA-2019-2442) | Nessus | Huawei Local Security Checks | medium
131244 | Amazon Linux AMI : python34 (ALAS-2019-1324) | Nessus | Amazon Linux Local Security Checks | medium
130797 | Fedora 29 : python35 (2019-d202cda4f8) | Nessus | Fedora Local Security Checks | medium
130793 | Fedora 30 : python35 (2019-b06ec6159b) | Nessus | Fedora Local Security Checks | medium
130784 | Fedora 31 : python35 (2019-57462fa10d) | Nessus | Fedora Local Security Checks | medium
130701 | EulerOS 2.0 SP3 : python-urllib3 (EulerOS-SA-2019-2239) | Nessus | Huawei Local Security Checks | medium
130687 | EulerOS 2.0 SP5 : python (EulerOS-SA-2019-2225) | Nessus | Huawei Local Security Checks | medium
130548 | RHEL 8 : python3 (RHSA-2019:3520) | Nessus | Red Hat Local Security Checks | medium
130527 | RHEL 8 : python27:2.7 (RHSA-2019:3335) | Nessus | Red Hat Local Security Checks | high
130079 | Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-293-01) | Nessus | Slackware Local Security Checks | medium
129884 | NewStart CGSL CORE 5.04 / MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0187) | Nessus | NewStart CGSL Local Security Checks | medium
128865 | openSUSE Security Update : python-urllib3 (openSUSE-2019-2133) | Nessus | SuSE Local Security Checks | medium
128864 | openSUSE Security Update : python-urllib3 (openSUSE-2019-2131) | Nessus | SuSE Local Security Checks | medium
128631 | Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : python2.7, python3.5, python3.6, python3.7 vulnerabilities (USN-4127-1) | Nessus | Ubuntu Local Security Checks | medium
128333 | CentOS 7 : python (CESA-2019:2030) | Nessus | CentOS Local Security Checks | medium
128254 | Scientific Linux Security Update : python on SL7.x x86_64 (20190806) | Nessus | Scientific Linux Local Security Checks | medium
127651 | RHEL 7 : python (RHSA-2019:2030) | Nessus | Red Hat Local Security Checks | medium
127127 | Ansible Tower 3.3.x < 3.3.6 / 3.4.x < 3.4.4 / 3.5.x < 3.5.1 CRLF Vulnerability | Nessus | CGI abuses | medium
127071 | Amazon Linux AMI : python35 (ALAS-2019-1243) | Nessus | Amazon Linux Local Security Checks | medium
127070 | Amazon Linux AMI : python34 (ALAS-2019-1242) | Nessus | Amazon Linux Local Security Checks | medium
126959 | Amazon Linux 2 : python3 (ALAS-2019-1247) | Nessus | Amazon Linux Local Security Checks | medium
126667 | FreeBSD : python 3.7 -- multiple vulnerabilities (a449c604-a43a-11e9-b422-fcaa147e860e) | Nessus | FreeBSD Local Security Checks | medium
126659 | Fedora 29 : python36 (2019-7df59302e0) | Nessus | Fedora Local Security Checks | medium
126658 | Fedora 30 : python36 (2019-7723d4774a) | Nessus | Fedora Local Security Checks | medium
126534 | FreeBSD : python 3.6 -- multiple vulnerabilities (18ed9650-a1d6-11e9-9b17-fcaa147e860e) | Nessus | FreeBSD Local Security Checks | medium
126346 | Amazon Linux AMI : python27 (ALAS-2019-1230) | Nessus | Amazon Linux Local Security Checks | medium
126285 | EulerOS 2.0 SP8 : python3 (EulerOS-SA-2019-1658) | Nessus | Huawei Local Security Checks | medium
126284 | EulerOS 2.0 SP8 : python2 (EulerOS-SA-2019-1657) | Nessus | Huawei Local Security Checks | medium
126223 | Debian DLA-1835-2 : python3.4 regression update | Nessus | Debian Local Security Checks | medium
126222 | Debian DLA-1834-1 : python2.7 security update | Nessus | Debian Local Security Checks | medium
126201 | Photon OS 1.0: Python3 PHSA-2019-1.0-0237 | Nessus | PhotonOS Local Security Checks | high
126200 | Photon OS 1.0: Python2 PHSA-2019-1.0-0237 | Nessus | PhotonOS Local Security Checks | high
126123 | Photon OS 1.0: Python2 PHSA-2019-1.0-0236 | Nessus | PhotonOS Local Security Checks | high
125604 | Amazon Linux AMI : python36 (ALAS-2019-1204) | Nessus | Amazon Linux Local Security Checks | medium
125434 | Fedora 29 : python3 (2019-ec26883852) | Nessus | Fedora Local Security Checks | medium
125229 | Fedora 30 : python3 (2019-1ffd6b6064) | Nessus | Fedora Local Security Checks | medium