Vulnerabilites related to bottlepy - bottle
Vulnerability from fkie_nvd
Published
2021-01-18 12:15
Modified
2024-11-21 05:22
Severity ?
Summary
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| report@snyk.io | https://github.com/bottlepy/bottle | Product, Third Party Advisory | |
| report@snyk.io | https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html | Third Party Advisory | |
| report@snyk.io | https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/ | Third Party Advisory | |
| report@snyk.io | https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bottlepy/bottle | Product, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bottlepy | bottle | * | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bottlepy:bottle:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2A48B7-D939-4AB5-A241-4071D99F0033",
"versionEndExcluding": "0.12.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter."
},
{
"lang": "es",
"value": "El paquete bottle desde versiones 0 y anteriores a 0.12.19, es vulnerable al Envenenamiento de Cach\u00e9 Web al usar un vector llamado encubrimiento de par\u00e1metros.\u0026#xa0;Cuando el atacante puede separar los par\u00e1metros de consulta usando un punto y coma (;), pueden causar una diferencia en la interpretaci\u00f3n de la petici\u00f3n entre el proxy (que se ejecuta con la configuraci\u00f3n predeterminada) y el servidor.\u0026#xa0;Esto puede resultar en que las peticiones maliciosas se almacenen en cach\u00e9 como completamente seguras, ya que el proxy normalmente no ver\u00eda el punto y coma como un separador y, por lo tanto, no lo incluir\u00eda en una clave de cach\u00e9 de un par\u00e1metro sin clave"
}
],
"id": "CVE-2020-28473",
"lastModified": "2024-11-21T05:22:51.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "report@snyk.io",
"type": "Secondary"
}
]
},
"published": "2021-01-18T12:15:12.707",
"references": [
{
"source": "report@snyk.io",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle"
},
{
"source": "report@snyk.io",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html"
},
{
"source": "report@snyk.io",
"tags": [
"Third Party Advisory"
],
"url": "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108"
}
],
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-444"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-12-16 09:59
Modified
2024-11-21 03:02
Severity ?
Summary
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2016/dsa-3743 | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/94961 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/bottlepy/bottle/issues/913 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3743 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94961 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bottlepy/bottle/issues/913 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bottlepy | bottle | 0.12.10 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7C61B220-6383-4108-8B6D-D1394CDB4C5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "redirect() in bottle.py in bottle 0.12.10 doesn\u0027t filter a \"\\r\\n\" sequence, which leads to a CRLF attack, as demonstrated by a redirect(\"233\\r\\nSet-Cookie: name=salt\") call."
},
{
"lang": "es",
"value": "redirect() en bottle.py en bottle 0.12.10 no filtra una secuencia \"\\r\\n\", lo que lleva a un ataque CRLF, seg\u00fan lo demostrado por una llamada redireccionada (\"233\\r\\nSet-Cookie: name=salt\")."
}
],
"id": "CVE-2016-9964",
"lastModified": "2024-11-21T03:02:05.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-12-16T09:59:00.373",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3743"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94961"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/issues/913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/issues/913"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-93"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-25 22:55
Modified
2024-11-21 02:07
Severity ?
Summary
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bottlepy | bottle | 0.10.0 | |
| bottlepy | bottle | 0.10.1 | |
| bottlepy | bottle | 0.10.2 | |
| bottlepy | bottle | 0.10.3 | |
| bottlepy | bottle | 0.10.4 | |
| bottlepy | bottle | 0.10.5 | |
| bottlepy | bottle | 0.10.6 | |
| bottlepy | bottle | 0.10.7 | |
| bottlepy | bottle | 0.10.8 | |
| bottlepy | bottle | 0.10.9 | |
| bottlepy | bottle | 0.10.10 | |
| bottlepy | bottle | 0.10.11 | |
| bottlepy | bottle | 0.11.0 | |
| bottlepy | bottle | 0.11.1 | |
| bottlepy | bottle | 0.11.2 | |
| bottlepy | bottle | 0.11.3 | |
| bottlepy | bottle | 0.11.4 | |
| bottlepy | bottle | 0.11.5 | |
| bottlepy | bottle | 0.11.6 | |
| bottlepy | bottle | 0.11.7 | |
| bottlepy | bottle | 0.12.0 | |
| bottlepy | bottle | 0.12.1 | |
| bottlepy | bottle | 0.12.2 | |
| bottlepy | bottle | 0.12.3 | |
| bottlepy | bottle | 0.12.4 | |
| bottlepy | bottle | 0.12.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E058D585-505D-40C8-981C-777FAD4CE76E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A873B4-3514-43C6-A56C-864F5C7D32A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05A9FBC1-3913-4415-9252-BAD64E7BAE24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C4AB11-2FE1-4838-9EB1-D717EF9C1913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6F182340-E3D4-4154-87F5-C7250F72CA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "54C815D7-B32C-48C3-93F1-E880663AA40C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "65727781-59B5-4B85-8A69-A941AF7FD96C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B206DC38-5709-476A-8E07-62274DC723DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "29775171-7DBF-49AE-9C50-2F4F459BD001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DD99B-DED7-479E-A667-EF25250258C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0F045CA7-D851-451C-B92C-58C4680ADA72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.10.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43C3596D-6479-4D86-87F4-AC2515F18606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22C49C4C-50F7-483A-83DF-B9661EB18CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5748B16-B590-432E-936F-96E7AD4DFF46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B60D53-D42D-4242-BED9-846002E04602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9E16DC59-B939-4364-8021-BDDCBFF9932E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA02677A-55EB-4013-AEF1-1B0036C4CF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4581ED-8D26-46C5-91C3-16D0ACB46B04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "057AA722-33F9-47A2-BC3F-5B3DF6C5539E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF7BE61-6F01-4698-A556-B2A0BAA6590D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08006A0E-C85B-498A-9D72-C523D6D2D119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE099C5-0490-4CD7-8DFD-9FA8B8A7BF02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA3D830-1F84-4FCE-BD9D-0698E38DBD71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D45AFE66-EF46-4A46-BBDA-493CCCFDE199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "43F38F6F-2A6C-406E-9756-1F41B70F8B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bottlepy:bottle:0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C4A37C-90A0-4DCF-BC9D-BC21CCFD430D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code."
},
{
"lang": "es",
"value": "Bottle 0.10.x anterior a 0.10.12, 0.11.x anterior a 0.11.7, y 0.12.x anterior a 0.12.6 no limita debidamente los tipos de contenido, lo que permite a atacantes remotos evadir las restricciones de acceso a trav\u00e9s de un tipo de contenido aceptado seguido por un ; (punto y coma) y un tipo de contenido que no ser\u00eda aceptado, tal y como fue demostrado en YouCompleteMe en ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2014-3137",
"lastModified": "2024-11-21T02:07:31.463",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-25T22:55:04.227",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2014/dsa-2948"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2014/05/01/15"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1093255"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/defnull/bottle/issues/616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-2948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/05/01/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1093255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/defnull/bottle/issues/616"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-02 14:15
Modified
2024-11-21 07:05
Severity ?
Summary
Bottle before 0.12.20 mishandles errors during early request binding.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bottlepy | bottle | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bottlepy:bottle:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A477F9C-0555-4001-B286-1360CCAEB8D9",
"versionEndExcluding": "0.12.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bottle before 0.12.20 mishandles errors during early request binding."
},
{
"lang": "es",
"value": "Bottle versiones anteriores a 0.12.20, maneja inapropiadamente los errores durante la vinculaci\u00f3n temprana de peticiones"
}
],
"id": "CVE-2022-31799",
"lastModified": "2024-11-21T07:05:21.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-02T14:15:58.213",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5159"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2016-9964
Vulnerability from cvelistv5
Published
2016-12-16 09:02
Modified
2024-08-06 03:07
Severity ?
EPSS score ?
Summary
redirect() in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect("233\r\nSet-Cookie: name=salt") call.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/bottlepy/bottle/issues/913 | x_refsource_CONFIRM | |
| https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2016/dsa-3743 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.securityfocus.com/bid/94961 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:31.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bottlepy/bottle/issues/913"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54"
},
{
"name": "DSA-3743",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3743"
},
{
"name": "94961",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94961"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "redirect() in bottle.py in bottle 0.12.10 doesn\u0027t filter a \"\\r\\n\" sequence, which leads to a CRLF attack, as demonstrated by a redirect(\"233\\r\\nSet-Cookie: name=salt\") call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bottlepy/bottle/issues/913"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54"
},
{
"name": "DSA-3743",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3743"
},
{
"name": "94961",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94961"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "redirect() in bottle.py in bottle 0.12.10 doesn\u0027t filter a \"\\r\\n\" sequence, which leads to a CRLF attack, as demonstrated by a redirect(\"233\\r\\nSet-Cookie: name=salt\") call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/bottlepy/bottle/issues/913",
"refsource": "CONFIRM",
"url": "https://github.com/bottlepy/bottle/issues/913"
},
{
"name": "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54",
"refsource": "CONFIRM",
"url": "https://github.com/bottlepy/bottle/commit/6d7e13da0f998820800ecb3fe9ccee4189aefb54"
},
{
"name": "DSA-3743",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3743"
},
{
"name": "94961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94961"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9964",
"datePublished": "2016-12-16T09:02:00",
"dateReserved": "2016-12-16T00:00:00",
"dateUpdated": "2024-08-06T03:07:31.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-31799
Vulnerability from cvelistv5
Published
2022-05-29 21:25
Modified
2024-08-03 07:26
Severity ?
EPSS score ?
Summary
Bottle before 0.12.20 mishandles errors during early request binding.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00 | x_refsource_MISC | |
| https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c | x_refsource_MISC | |
| https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2022/dsa-5159 | vendor-advisory, x_refsource_DEBIAN | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/ | vendor-advisory, x_refsource_FEDORA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20"
},
{
"name": "[debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html"
},
{
"name": "DSA-5159",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5159"
},
{
"name": "FEDORA-2022-c1e107f37f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/"
},
{
"name": "FEDORA-2022-cc9a173168",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bottle before 0.12.20 mishandles errors during early request binding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-22T02:06:18",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20"
},
{
"name": "[debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html"
},
{
"name": "DSA-5159",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5159"
},
{
"name": "FEDORA-2022-c1e107f37f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/"
},
{
"name": "FEDORA-2022-cc9a173168",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-31799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bottle before 0.12.20 mishandles errors during early request binding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00",
"refsource": "MISC",
"url": "https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00"
},
{
"name": "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c",
"refsource": "MISC",
"url": "https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c"
},
{
"name": "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20",
"refsource": "MISC",
"url": "https://github.com/bottlepy/bottle/compare/0.12.19...0.12.20"
},
{
"name": "[debian-lts-announce] 20220608 [SECURITY] [DLA 3048-1] python-bottle security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/06/msg00010.html"
},
{
"name": "DSA-5159",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5159"
},
{
"name": "FEDORA-2022-c1e107f37f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/"
},
{
"name": "FEDORA-2022-cc9a173168",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-31799",
"datePublished": "2022-05-29T21:25:44",
"dateReserved": "2022-05-29T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-28473
Vulnerability from cvelistv5
Published
2021-01-18 11:15
Modified
2024-09-16 20:41
Severity ?
EPSS score ?
Summary
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108 | x_refsource_MISC | |
| https://github.com/bottlepy/bottle | x_refsource_MISC | |
| https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/ | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html | mailing-list, x_refsource_MLIST |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:40:58.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bottlepy/bottle"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/"
},
{
"name": "[debian-lts-announce] 20210124 [SECURITY] [DLA 2531-1] python-bottle security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "bottle",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "0.12.19",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Snyk Security Team"
}
],
"datePublic": "2021-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Web Cache Poisoning",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-24T21:06:09",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bottlepy/bottle"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/"
},
{
"name": "[debian-lts-announce] 20210124 [SECURITY] [DLA 2531-1] python-bottle security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html"
}
],
"title": "Web Cache Poisoning",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2021-01-18T11:12:14.506344Z",
"ID": "CVE-2020-28473",
"STATE": "PUBLIC",
"TITLE": "Web Cache Poisoning"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "bottle",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "0"
},
{
"version_affected": "\u003c",
"version_value": "0.12.19"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Snyk Security Team"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Web Cache Poisoning"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108"
},
{
"name": "https://github.com/bottlepy/bottle",
"refsource": "MISC",
"url": "https://github.com/bottlepy/bottle"
},
{
"name": "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/",
"refsource": "CONFIRM",
"url": "https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/"
},
{
"name": "[debian-lts-announce] 20210124 [SECURITY] [DLA 2531-1] python-bottle security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00019.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-28473",
"datePublished": "2021-01-18T11:15:14.918598Z",
"dateReserved": "2020-11-12T00:00:00",
"dateUpdated": "2024-09-16T20:41:35.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3137
Vulnerability from cvelistv5
Published
2014-10-25 22:00
Modified
2024-08-06 10:35
Severity ?
EPSS score ?
Summary
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/defnull/bottle/issues/616 | x_refsource_CONFIRM | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1093255 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2014/05/01/15 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2014/dsa-2948 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:56.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/defnull/bottle/issues/616"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1093255"
},
{
"name": "[oss-security] 20140501 Re: CVE request: Python Bottle JSON content-type not restrictive enough",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/01/15"
},
{
"name": "DSA-2948",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-2948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-10-25T21:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/defnull/bottle/issues/616"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1093255"
},
{
"name": "[oss-security] 20140501 Re: CVE request: Python Bottle JSON content-type not restrictive enough",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/05/01/15"
},
{
"name": "DSA-2948",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-2948"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepted Content-Type followed by a ; (semi-colon) and a Content-Type that would not be accepted, as demonstrated in YouCompleteMe to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/defnull/bottle/issues/616",
"refsource": "CONFIRM",
"url": "https://github.com/defnull/bottle/issues/616"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1093255",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1093255"
},
{
"name": "[oss-security] 20140501 Re: CVE request: Python Bottle JSON content-type not restrictive enough",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/01/15"
},
{
"name": "DSA-2948",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2948"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3137",
"datePublished": "2014-10-25T22:00:00",
"dateReserved": "2014-05-01T00:00:00",
"dateUpdated": "2024-08-06T10:35:56.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}