Red Hat Software Collections update for rh-python38-python

Updated: 2024-06-28
Risk: High
Patch available: Yes
Number of vulnerabilities: 8
CVE-ID: CVE-2007-4559, CVE-2022-40897, CVE-2022-40898, CVE-2022-45061, CVE-2023-23931, CVE-2023-24329, CVE-2023-32681, CVE-2023-40217
CWE-ID: CWE-22, CWE-185, CWE-20, CWE-400, CWE-388, CWE-200, CWE-319
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #7 is available.
Vulnerable software
rh-python38-python-wheel (Red Hat package)
Operating systems & Components / Operating system package or component

rh-python38-python-setuptools (Red Hat package)
Operating systems & Components / Operating system package or component

rh-python38-python-requests (Red Hat package)
Operating systems & Components / Operating system package or component

rh-python38-python-pip (Red Hat package)
Operating systems & Components / Operating system package or component

rh-python38-python-cryptography (Red Hat package)
Operating systems & Components / Operating system package or component

rh-python38-python (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Path traversal

EUVDB-ID: #VU67583

Risk: High

CVSSv4.0: 8.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2007-4559

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper validation of filenames in the tarfile module in Python. A remote attacker can create a specially crafted archive with symbolic links inside or filenames that contain directory traversal characters (e.g. "..") and overwrite arbitrary files on the system.
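A pre-extraction check of the kind affected tarfile versions did not perform, added here as an example for this bulletin; it is not Red Hat's or CPython's code. It assumes only a destination directory path and constructs its own sample archive with a benign file, a ".." traversal entry and a symlink that points outside the destination.

```python
import io
import os
import tarfile

def unsafe_members(tar: tarfile.TarFile, dest: str) -> list:
    """Names of members that would land outside `dest` if extracted.

    Rejects paths resolving outside dest (absolute or with ".."), links whose
    target resolves outside dest, and device nodes.  The whole archive is
    checked up front, so no member can traverse through an earlier malicious link.
    """
    root = os.path.realpath(dest)
    bad = []
    for m in tar.getmembers():
        target = os.path.realpath(os.path.join(root, m.name))
        if os.path.commonpath([root, target]) != root:
            bad.append(m.name)
        elif m.issym() or m.islnk():
            # symlink targets are relative to the member's directory,
            # hardlink targets are relative to the archive root
            base = os.path.dirname(target) if m.issym() else root
            link = os.path.realpath(os.path.join(base, m.linkname))
            if os.path.commonpath([root, link]) != root:
                bad.append(m.name)
        elif m.isdev():
            bad.append(m.name)
    return bad

def safe_extractall(tar: tarfile.TarFile, dest: str) -> None:
    """Extract only when every member has passed unsafe_members()."""
    bad = unsafe_members(tar, dest)
    if bad:
        raise ValueError("refusing to extract unsafe members: %r" % bad)
    tar.extractall(dest)

def open_sample_archive() -> tarfile.TarFile:
    """Constructed sample: a benign file, a '..' traversal and a symlink escape."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("docs/readme.txt", "../../etc/evil.conf"):
            info = tarfile.TarInfo(name)
            info.size = 6
            tar.addfile(info, io.BytesIO(b"hello\n"))
        link = tarfile.TarInfo("docs/escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../../outside"
        tar.addfile(link)
    buf.seek(0)
    return tarfile.open(fileobj=buf, mode="r")
```

Rejecting the whole archive, rather than skipping the offending members, keeps a partially extracted tree from being mistaken for a complete one.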

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

2) Incorrect Regular Expression

EUVDB-ID: #VU71379

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-40897

CWE-ID: CWE-185 - Incorrect Regular Expression

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing HTML content. A remote attacker can pass specially crafted data to the application and perform a regular expression denial of service (ReDoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Input validation error

EUVDB-ID: #VU71377

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-40898

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input passed to the wheel CLI. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource exhaustion

EUVDB-ID: #VU69392

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-45061

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to the use of an unnecessarily quadratic algorithm in one code path when processing some inputs to the IDNA (RFC 3490) decoder. A remote attacker can pass a specially crafted name to the decoder, trigger excessive CPU consumption and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Error Handling

EUVDB-ID: #VU72036

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-23931

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows an attacker to misuse the Python API.

The vulnerability exists due to a soundness bug within the Cipher.update_into function, which can allow immutable objects (such as bytes) to be mutated. A malicious programmer can misuse the Python API to introduce unexpected behavior into the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Input validation error

EUVDB-ID: #VU72618

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-24329

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented filters.

The vulnerability exists due to insufficient validation of URLs that start with blank characters within the urllib.parse component of Python. A remote attacker can pass a specially crafted URL to bypass existing filters.
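A scheme and host allowlist that does not depend on how urllib.parse treats leading blank characters, added here as an example for this bulletin rather than taken from Red Hat or CPython. The allowed hosts are constructed for the example; it uses only the standard-library `urlsplit`.

```python
from urllib.parse import urlsplit

# Space and C0 control characters.  Affected urllib.parse versions did not strip
# these before parsing, so " https://host" came back with an empty scheme and
# could slip past a scheme check; patched versions strip them.  This filter does
# not rely on either behaviour: it rejects such input before parsing.
_BLANKS = frozenset(chr(c) for c in range(0x21)) | {"\x7f"}

# Constructed allowlist for the example; a real deployment supplies its own.
ALLOWED_SCHEMES = frozenset({"http", "https"})
ALLOWED_HOSTS = frozenset({"example.com", "cdn.example.com"})


def url_is_allowed(url: str) -> bool:
    """Return True only for an http(s) URL whose host is on the allowlist.

    Anything containing blank or control characters is refused outright rather
    than normalised, so the decision does not depend on the parser's handling.
    """
    if not url or any(c in _BLANKS for c in url):
        return False
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:       # urlsplit lower-cases scheme
        return False
    # .hostname is lower-cased and has userinfo, port and IPv6 brackets removed,
    # so "https://example.com@other.host/" is judged by "other.host".
    return parts.hostname in ALLOWED_HOSTS
```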

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Information disclosure

EUVDB-ID: #VU77164

Risk: Medium

CVSSv4.0: 5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2023-32681

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists because the requests library leaked Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

8) Cleartext transmission of sensitive information

EUVDB-ID: #VU80228

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-40217

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error in the ssl.SSLSocket implementation when handling TLS client authentication. A remote attacker can trick the application into sending data unencrypted.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

rh-python38-python-wheel (Red Hat package): before 0.33.6-9.el7

rh-python38-python-setuptools (Red Hat package): before 41.6.0-8.el7

rh-python38-python-requests (Red Hat package): before 2.22.0-11.el7

rh-python38-python-pip (Red Hat package): before 19.3.1-4.el7

rh-python38-python-cryptography (Red Hat package): before 2.8-6.el7

rh-python38-python (Red Hat package): before 3.8.18-2.el7

External links

https://access.redhat.com/errata/RHSA-2023:6793


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.