REDHAT-BUG-1688169: CRLF Injection
First published: Wed Mar 13 2019(Updated: )
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n followed by an HTTP header or a Redis command. Reference: <a href="https://bugs.python.org/issue36276">https://bugs.python.org/issue36276</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| urllib | >=2.0<=2.7.16 | |
| urllib3 | >=3.0<=3.7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugs.python.org/issue36276
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1688170
- https://bugs.python.org/issue30458
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1706851
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1706855
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1706852
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1706853
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1706854
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1706850
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1706849
- https://github.com/python/cpython/pull/12755
- https://access.redhat.com/errata/RHSA-2019:1260
- https://python-security.readthedocs.io/vuln/http-header-injection2.html
- https://github.com/python/cpython/commit/c4e671eec20dfcb29b18596a89ef075f826c9f96
- https://github.com/python/cpython/commit/b7378d77289c911ca6a0c0afaf513879002df7d5
- https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
- https://access.redhat.com/errata/RHSA-2019:2030
- https://access.redhat.com/errata/RHSA-2019:3335
- https://access.redhat.com/errata/RHSA-2019:3520
- https://access.redhat.com/errata/RHSA-2019:3725
- https://access.redhat.com/errata/RHSA-2020:1268
- https://access.redhat.com/errata/RHSA-2020:1346
- https://access.redhat.com/errata/RHSA-2020:1462
- https://bugzilla.redhat.com/show_bug.cgi?id=1688169
Frequently Asked Questions
What is the severity of REDHAT-BUG-1688169?
The severity of REDHAT-BUG-1688169 is significant due to the potential for CRLF injection attacks.
How do I fix REDHAT-BUG-1688169?
To fix REDHAT-BUG-1688169, upgrade to Python 2.7.17 or higher for urllib2 and Python 3.7.3 or higher for urllib.
Which versions are affected by REDHAT-BUG-1688169?
Versions of urllib2 before 2.7.17 and urllib before 3.7.3 are affected by REDHAT-BUG-1688169.
What types of attacks can REDHAT-BUG-1688169 facilitate?
REDHAT-BUG-1688169 can facilitate CRLF injection attacks if an attacker controls the URL parameter.
What components are involved in REDHAT-BUG-1688169?
The components involved in REDHAT-BUG-1688169 are urllib2 for Python 2.x and urllib for Python 3.x.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-9740
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/python
- canonical/urllib
- canonical/urllib3