SB2019052234 - Red Hat Software Collections update for python27-python and python27-python-jinja2

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019052234

SB2019052234 - Red Hat Software Collections update for python27-python and python27-python-jinja2

Published: May 22, 2019

Security Bulletin ID SB2019052234
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 67% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2016-10745)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to information disclosure in str.format in Pallets Jinja. A remote attacker can gain unauthorized access to sensitive information and use it to escape sandbox.


2) Improper input validation (CVE-ID: CVE-2018-1060)

The vulnerability allows a remote attacker to cause DoS condition on he target system.

The weakness exists due to the way catastrophic backtracking was implemented in apop() method in pop3lib. A remote attacker can cause the service to crash.

3) Improper input validation (CVE-ID: CVE-2018-1061)

The vulnerability allows a remote attacker to cause DoS condition on he target system.

The weakness exists due to the way catastrophic backtracking was implemented in python's difflib.IS_LINE_JUNK method difflib. A remote attacker can cause the service to crash.

4) XXE attack (CVE-ID: CVE-2018-14647)

The vulnerability allows a remote attacker to conduct XXE-attack.

The vulnerability exists due to improper handling of XML External Entities (XXEs) when parsing an XML file. A remote attacker can trick the victim into open an XML file that submits malicious input, trigger pathological hash collisions in Expat's internal data structures, consume large amounts CPU and RAM, and cause a denial of service (DoS) condition.


5) CRLF injection (CVE-ID: CVE-2019-9740)

The vulnerability allows a remote attacker to perform CRLF injection attacks.

The vulnerability exists within urllib2 implementation for Python 2.x and urllib3 implementation for Python 3.x when processing the path component of a URL after the "?" character within the urllib.request.urlopen() call. A remote attacker with ability to control URL, passed to the application, can use CRLF sequences to split the HTTP request and inject arbitrary HTTP headers into request, made by the application.


6) CRLF injection (CVE-ID: CVE-2019-9947)

The vulnerability allows a remote attacker to perform CRLF injection attacks.

The vulnerability exists within urllib2 implementation for Python 2.x and urllib3 implementation for Python 3.x when processing the path component of a URL that lacks the "?" character within the urllib.request.urlopen() call. A remote attacker with ability to control URL, passed to the application, can use CRLF sequences to split the HTTP request and inject arbitrary HTTP headers into request, made by the application.


Remediation

Install update from vendor's website.

References