SB2022111833 - SUSE update for python-Twisted 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022111833

SB2022111833 - SUSE update for python-Twisted

Published: November 18, 2022

Security Bulletin ID SB2022111833
Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2019-12387)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.


2) Inconsistent interpretation of HTTP requests (CVE-ID: CVE-2020-10108)

The vulnerability allows a remote attacker to perform HTTP request smuggling attacks.

The vulnerability exists due to an error when processing two Content-length headers, sent within one HTTP request that caused the request body to be interpreted as a pipelined request. A remote attacker can send a specially crafted HTTP request to the affected web server and posing HTTP cache or perform other attacks against web application.


3) Origin validation error (CVE-ID: CVE-2022-21712)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to origin validation error in the "twited.web.RedirectAgent" and "twisted.web.BrowserLikeRedirectAgent" functions. A remote attacker attacker can trick the victim to click on a specially crafted link and obtain cookies and authorization headers.


4) Cross-site scripting (CVE-ID: CVE-2022-39348)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied datawithin "NameVirtualHost". A remote user can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


Remediation

Install update from vendor's website.

References