PT-2019-2858 · Python+6 · Python+6

Jonathan Birch

+1

·

Published

2019-06-07

·

Updated

2024-07-11

·

CVE-2019-10160

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Python (affected versions not specified)
Description The issue is related to errors in handling registration data in the urllib.parse.urlsplit and urllib.parse.urlparse functions of the Python programming language interpreter. Exploitation of this issue may allow an attacker to disclose protected information, read or write arbitrary data, or cause a denial of service. The exploitation enables a remote attacker to access confidential data.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-172CWE-255CWE-522

Related Identifiers

ALT-PU-2019-2535
ALT-PU-2019-2944
ALT-PU-2019-3103
ALT-PU-2020-3318
BDU:2019-02825
CESA-2019_1587
CVE-2019-10160
DLA-1834-1
DLA-2280-1
DLA-2337-1
MGASA-2019-0318
OPENSUSE-SU-2019:1906-1
OPENSUSE-SU-2019_1906-1
OPENSUSE-SU-2020:0086-1
OPENSUSE-SU-2020_0086-1
OPENSUSE-SU-2024:11202-1
OPENSUSE-SU-2024:11284-1
PSF-2019-3
RHSA-2019:1587
RHSA-2019:1700
RHSA-2019:2437
RHSA-2019_1587
SUSE-SU-2019:14142-1
SUSE-SU-2019:14246-1
SUSE-SU-2019:2050-1
SUSE-SU-2019:2053-1
SUSE-SU-2019:2053-2
SUSE-SU-2019:2064-1
SUSE-SU-2019:2091-1
SUSE-SU-2019_14142-1
SUSE-SU-2019_14246-1
SUSE-SU-2019_2064-1
SUSE-SU-2020:0114-1
SUSE-SU-2020:0234-1
SUSE-SU-2020:0302-1
USN-4127-1
USN-4127-2
USN-6891-1

Affected Products

Alt Linux
Centos
Linuxmint
Python
Red Hat
Suse
Ubuntu