November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – APT28 or Sofacy/Fancy Bear Returns With New Malware
May 23, 2019Rewterz Threat Advisory – Amazon Linux update for java-1.7.0-openjdk Multiple Vulnerabilities
May 23, 2019Rewterz Threat Alert – APT28 or Sofacy/Fancy Bear Returns With New Malware
May 23, 2019Rewterz Threat Advisory – Amazon Linux update for java-1.7.0-openjdk Multiple Vulnerabilities
May 23, 2019
Severity
Medium
Analysis Summary
Red Hat has issued an update for python27-python and python27-python-jinja2. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct HTTP header injection attacks.
CVE-2018-1061
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2019-9947
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string or PATH_INFO) followed by an HTTP header or a Redis command. This is similar to CVE-2019-9740.
CVE-2016-10745
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
CVE-2018-1060
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib’s apop() method. An attacker could use this flaw to cause denial of service.
CVE-2019-9740
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n followed by an HTTP header or a Redis command.
CVE-2019-11236
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVE-2018-14647
Python’s elementtree C accelerator failed to initialise Expat’s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat’s internal data structures, consuming large amounts CPU and RAM.
Impact
- Cross Site Scripting
- Denial of Service
- Sandbox Escaping
Affected Vendors
RedHat
Affected Products
Red Hat Software Collections 1.x
Remediation
Updated packages are available via Red Hat Network.
https://rhn.redhat.com/
Original Advisory:
https://access.redhat.com/errata/RHSA-2019:1260
How to Apply Package Updates: