REDHAT-BUG-1695572: CRLF Injection
First published: Wed Apr 03 2019(Updated: )
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL) followed by an HTTP header or a Redis command. This is similar to <a href="https://access.redhat.com/security/cve/CVE-2019-9740">CVE-2019-9740</a> query string issue. Reference: <a href="https://bugs.python.org/issue35906">https://bugs.python.org/issue35906</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| urllib | >=2.0<2.7.16 | |
| urllib3 | >=3.0<3.7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2019-9740
- https://bugs.python.org/issue35906
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1695599
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1695600
- https://bugs.python.org/issue30458
- https://access.redhat.com/security/cve/CVE-2016-5699
- https://bugs.python.org/issue22928
- https://access.redhat.com/security/cve/CVE-2019-9947
- https://bugs.python.org/issue30458#msg339846
- https://github.com/urllib3/urllib3
- https://github.com/urllib3/urllib3/issues/1553
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1698976
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1698977
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1698978
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1698979
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1698980
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1698981
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1698982
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1700684
- https://access.redhat.com/security/cve/CVE-2019-11236
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1700824
- https://access.redhat.com/errata/RHSA-2019:1260
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1695572#c15
- https://github.com/python/cpython/pull/12755/files
- https://access.redhat.com/security/cve/CVE-2016-10739
- https://github.com/python/cpython/commit/c4e671eec20dfcb29b18596a89ef075f826c9f96
- https://github.com/python/cpython/commit/b7378d77289c911ca6a0c0afaf513879002df7d5
- https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
- https://python-security.readthedocs.io/vuln/http-header-injection2.html
- https://access.redhat.com/errata/RHSA-2019:2030
- https://access.redhat.com/errata/RHSA-2019:3335
- https://access.redhat.com/errata/RHSA-2019:3520
- https://access.redhat.com/errata/RHSA-2019:3725
- https://access.redhat.com/errata/RHSA-2020:1268
- https://access.redhat.com/errata/RHSA-2020:1346
- https://access.redhat.com/errata/RHSA-2020:1462
- https://bugzilla.redhat.com/show_bug.cgi?id=1695572
Frequently Asked Questions
What is the severity of REDHAT-BUG-1695572?
The vulnerability REDHAT-BUG-1695572 is classified as a CRLF injection issue which can severely impact the integrity of applications that rely on URL parsing.
How do I fix REDHAT-BUG-1695572?
To mitigate the risks associated with REDHAT-BUG-1695572, upgrade Python versions to at least 2.7.17 for Python 2.x and 3.7.3 for Python 3.x.
What software is affected by REDHAT-BUG-1695572?
The affected software for REDHAT-BUG-1695572 includes Python urllib2 versions up to 2.7.16 and Python urllib versions up to 3.7.2.
What type of attack does REDHAT-BUG-1695572 enable?
REDHAT-BUG-1695572 allows attackers to perform CRLF injection attacks through controlled URL parameters.
Is authentication required to exploit REDHAT-BUG-1695572?
No, exploitation of REDHAT-BUG-1695572 does not require authentication, making it a significant risk.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-9947
- agent/source
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/python
- canonical/urllib
- canonical/urllib3