PT-2011-3187 · Python+2 · Python+2

Publicado

2011-05-05

Atualizado

2024-06-15

CVE-2011-1521

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions Python versions prior to 2.7.2 Python versions prior to 3.2.1

Description The issue allows remote attackers to obtain sensitive information or cause a denial of service by specifying redirection to file: URLs in Location headers. This can be achieved through crafted URLs, such as file:///etc/passwd or file:///dev/zero.

Recommendations For versions prior to 2.7.2, update to version 2.7.2 or later to resolve the issue. For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2011-1521

DLA-25-1

OPENSUSE-SU-2024:10536-1

OPENSUSE-SU-2024:11202-1

PSF-2011-2

RHSA-2011:0491

RHSA-2011:0492

RHSA-2011:0554

RHSA-2011_0491

RHSA-2011_0492

RHSA-2011_0554

SUSE-SU-2020:0234-1

Produtos afetados

Python

Red Hat

Suse

PT-2011-3187 · Python+2 · Python+2

CVE-2011-1521

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 184