CVE-2019-18348

Advisory lineage Upstream: 0 Downstream: 22
Modified
Published: 23 Oct 2019, 16:31
Last modified:05 Aug 2024, 01:54

Vulnerability Summary

Overall Risk (default)
medium
25/100
CVSS Score
6.1 MEDIUM
v3.1 (nvd)
EPSS Score
2.67% LOW
3% probability -0.49%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

23 Oct 2019, 16:31
Published
Vulnerability first disclosed
05 Aug 2024, 01:54
Last Modified
Vulnerability information updated

Description

An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.

CVSS Metrics

  • v3.1MEDIUMScore: 6.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  • v2.0MEDIUMScore: 4.3AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 2.67% Percentile: 86%

Techniques & Countermeasures

  • CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

    The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

Affected Systems

  • pythonpython

    ≥ 2.0, ≤ 2.7.17 | ≥ 3.0, < 3.5.10 | ≥ 3.6.0, < 3.6.11 | ≥ 3.7.0, < 3.7.8 | ≥ 3.8.0, < 3.8.3

References (13)