Main Vulnerability Database SB2025052007

SB2025052007 - Anolis OS update for python39:3.9 module

Published: May 20, 2025

Security Bulletin ID SB2025052007

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security features bypass (CVE-ID: CVE-2022-2255)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to mod_wsgi does not correctly remove the X-Client-IP header when processing requests from untrusted proxies. A remote attacker can pass a trusted proxy IP address via the X-Client-IP HTTP header and bypass implemented security restrictions.

Remediation

Install update from vendor's website.

References

https://anas.openanolis.cn/errata/detail/ANSA-2025:0262

Vulnerable Software

Anolis OS: 8
python39-setuptools-wheel: before 50.3.2-6
python39-setuptools: before 50.3.2-6
python39-rpm-macros: before 3.9.20-1.0.1
python39-tkinter: before 3.9.20-1.0.1
python39-test: before 3.9.20-1.0.1
python39-libs: before 3.9.20-1.0.1
python39-idle: before 3.9.20-1.0.1
python39-devel: before 3.9.20-1.0.1
python39-debug: before 3.9.20-1.0.1
python39: before 3.9.20-1.0.1
python39-pip-wheel: before 20.2.4-9
python39-pip: before 20.2.4-9
python39-idna: before 2.10-4
python39-psycopg2-tests: before 2.8.6-3.0.1
python39-psycopg2-doc: before 2.8.6-3.0.1
python39-psycopg2: before 2.8.6-3.0.1
python39-cryptography: before 3.3.1-3
python39-urllib3: before 1.25.10-5
python39-requests: before 2.25.0-3
python39-pytest: before 6.0.2-2.0.1
python39-scipy: before 1.5.4-5.0.1
python39-mod_wsgi: before 4.7.1-7
python39-numpy-doc: before 1.19.4-3.0.1
python39-numpy-f2py: before 1.19.4-3.0.1
python39-numpy: before 1.19.4-3.0.1
python39-wheel-wheel: before 0.35.1-4
python39-wheel: before 0.35.1-4
python39-wcwidth: before 0.2.5-3
python39-toml: before 0.10.1-5
python39-six: before 1.15.0-3
python39-pysocks: before 1.7.1-4
python39-pyparsing: before 2.4.7-5
python39-pycparser: before 2.20-3
python39-py: before 1.10.0-1
python39-ply: before 3.11-10
python39-pluggy: before 0.13.1-3
python39-packaging: before 20.4-4
python39-more-itertools: before 8.5.0-2
python39-iniconfig: before 1.1.1-2
python39-chardet: before 3.0.4-19
python39-attrs: before 20.3.0-2
python39-PyMySQL: before 0.10.1-2
python39-pyyaml: before 5.4.1-1
python39-pybind11-devel: before 2.7.1-1
python39-pybind11: before 2.7.1-1
python39-psutil: before 5.8.0-4.0.1
python39-lxml: before 4.6.5-1
python39-cffi: before 1.14.3-2
python39-Cython: before 0.29.21-5