CVE-2019-9636 log
Source |
|
Severity | High |
Remote | Yes |
Type | Information disclosure |
Description | Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. A specially crafted URL could be incorrectly parsed by urllib.parse.urlsplit and urllib.parse.urlparse to locate cookies or authentication data and send that information to a different host than when parsed correctly. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-978 | python2 | 2.7.16-1 | 2.7.17-1 | High | Fixed | |
AVG-977 | python | 3.7.2-1 | 3.7.3-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
03 Nov 2019 | ASA-201911-4 | AVG-978 | python2 | High | information disclosure |
18 Jun 2019 | ASA-201906-17 | AVG-977 | python | High | information disclosure |