
clusterfuzz's Issues

CVE-2016-1000111 (Medium) detected in Twisted-14.0.0.tar.bz2

CVE-2016-1000111 - Medium Severity Vulnerability

Vulnerable Library - Twisted-14.0.0.tar.bz2

An asynchronous networking framework written in Python

Library home page: https://files.pythonhosted.org/packages/76/38/cf8f81c1d7d84fec922d67f0d92bfa9fee59145d875d7263ceefa2bbbaf4/Twisted-14.0.0.tar.bz2

Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt

Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks

Dependency Hierarchy:

  • Twisted-14.0.0.tar.bz2 (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.

Publish Date: 2020-03-11

URL: CVE-2016-1000111

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1000111

Release Date: 2016-06-20

Fix Resolution: 16.3.1



CVE-2015-3220 (High) detected in tlslite-0.4.6.tar.gz

CVE-2015-3220 - High Severity Vulnerability

Vulnerable Library - tlslite-0.4.6.tar.gz

tlslite implements SSL and TLS.

Library home page: https://files.pythonhosted.org/packages/29/cf/22c98d36af1f38150e2c0a79589fee799b72eeb91e49ce184e6f3ccb3991/tlslite-0.4.6.tar.gz

Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt

Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/requirements.txt,clusterfuzz/src/platform_requirements.txt,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/requirements.txt

Dependency Hierarchy:

  • tlslite-0.4.6.tar.gz (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

The tlslite library before 0.4.9 for Python allows remote attackers to trigger a denial of service (runtime exception and process crash).

Publish Date: 2017-06-13

URL: CVE-2015-3220

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-3220

Release Date: 2017-06-13

Fix Resolution: 0.4.9



CVE-2020-1747 (High) detected in PyYAML-5.1.tar.gz

CVE-2020-1747 - High Severity Vulnerability

Vulnerable Library - PyYAML-5.1.tar.gz

YAML parser and emitter for Python

Library home page: https://files.pythonhosted.org/packages/9f/2c/9417b5c774792634834e730932745bc09a7d36754ca00acf1ccd1ac2594d/PyYAML-5.1.tar.gz

Path to dependency file: clusterfuzz/src/python/bot/tasks

Path to vulnerable library: clusterfuzz/src/python/bot/tasks,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/requirements.txt,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • PyYAML-5.1.tar.gz (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.

Publish Date: 2020-03-24

URL: CVE-2020-1747

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747

Release Date: 2020-03-24

Fix Resolution: 5.3.1



CVE-2020-36242 (High) detected in cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl

CVE-2020-36242 - High Severity Vulnerability

Vulnerable Library - cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl

cryptography is a package which provides cryptographic recipes and primitives to Python developers.

Library home page: https://files.pythonhosted.org/packages/b8/86/2692315807539c0f6452c58661d268c88d5fb79acf6c13279eb7b87ecd81/cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl

Path to dependency file: clusterfuzz/src/appengine/requirements.txt

Path to vulnerable library: clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • pyOpenSSL-19.1.0-py2.py3-none-any.whl (Root Library)
    • cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl (Vulnerable Library)

Vulnerability Details

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.

Publish Date: 2021-02-07

URL: CVE-2020-36242

CVSS 3 Score Details (9.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst

Release Date: 2021-02-07

Fix Resolution: cryptography - 3.3.2

CVE-2020-13757 (High) detected in rsa-4.0-py2.py3-none-any.whl

CVE-2020-13757 - High Severity Vulnerability

Vulnerable Library - rsa-4.0-py2.py3-none-any.whl

Pure-Python RSA implementation

Library home page: https://files.pythonhosted.org/packages/02/e5/38518af393f7c214357079ce67a317307936896e961e35450b70fad2a9cf/rsa-4.0-py2.py3-none-any.whl

Path to dependency file: clusterfuzz/src/platform_requirements.txt

Path to vulnerable library: clusterfuzz/src/platform_requirements.txt,clusterfuzz/src/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/local/butler/scripts

Dependency Hierarchy:

  • rsa-4.0-py2.py3-none-any.whl (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation).

Publish Date: 2020-06-01

URL: CVE-2020-13757

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: sybrenstuvel/python-rsa@3283b12

Release Date: 2020-06-01

Fix Resolution: rsa - 4.1



CVE-2014-7143 (High) detected in Twisted-14.0.0.tar.bz2

CVE-2014-7143 - High Severity Vulnerability

Vulnerable Library - Twisted-14.0.0.tar.bz2

An asynchronous networking framework written in Python

Library home page: https://files.pythonhosted.org/packages/76/38/cf8f81c1d7d84fec922d67f0d92bfa9fee59145d875d7263ceefa2bbbaf4/Twisted-14.0.0.tar.bz2

Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt

Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks

Dependency Hierarchy:

  • Twisted-14.0.0.tar.bz2 (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

Python Twisted 14.0 trustRoot is not respected in HTTP client

Publish Date: 2019-11-12

URL: CVE-2014-7143

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: High
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-7143

Release Date: 2019-05-30

Fix Resolution: 14.0.1



CVE-2019-18874 (High) detected in psutil-2.1.1.tar.gz

CVE-2019-18874 - High Severity Vulnerability

Vulnerable Library - psutil-2.1.1.tar.gz

Cross-platform lib for process and system monitoring in Python.

Library home page: https://files.pythonhosted.org/packages/64/4b/70601d39b8e445265ed148affc49f7bfbd246940637785be5c80e007fa6e/psutil-2.1.1.tar.gz

Path to dependency file: clusterfuzz/src/python/bot/untrusted_runner/build

Path to vulnerable library: clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/tasks,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt

Dependency Hierarchy:

  • psutil-2.1.1.tar.gz (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.

Publish Date: 2019-11-12

URL: CVE-2019-18874

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18874

Release Date: 2019-11-12

Fix Resolution: 5.6.6



CVE-2019-12387 (Medium) detected in Twisted-14.0.0.tar.bz2

CVE-2019-12387 - Medium Severity Vulnerability

Vulnerable Library - Twisted-14.0.0.tar.bz2

An asynchronous networking framework written in Python

Library home page: https://files.pythonhosted.org/packages/76/38/cf8f81c1d7d84fec922d67f0d92bfa9fee59145d875d7263ceefa2bbbaf4/Twisted-14.0.0.tar.bz2

Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt

Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks

Dependency Hierarchy:

  • Twisted-14.0.0.tar.bz2 (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

Publish Date: 2019-06-10

URL: CVE-2019-12387

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12387

Release Date: 2019-06-10

Fix Resolution: 19.2.1



CVE-2020-27783 (Medium) detected in lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl, lxml-3.3.5.tar.gz

CVE-2020-27783 - Medium Severity Vulnerability

Vulnerable Libraries - lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl, lxml-3.3.5.tar.gz

lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl

Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API.

Library home page: https://files.pythonhosted.org/packages/03/06/eb9f000882f671a2d494342c1fe93b1c8b18fb04420bb611aeaa3298ef17/lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: clusterfuzz/src/python/bot/tasks

Path to vulnerable library: clusterfuzz/src/python/bot/tasks,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/src/appengine/requirements.txt,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

lxml-3.3.5.tar.gz

Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API.

Library home page: https://files.pythonhosted.org/packages/ae/a8/ad6c2350c65b357faf9a06c7428b5c6159b01bd3014eed93a75513843063/lxml-3.3.5.tar.gz

Path to dependency file: clusterfuzz/src/python/bot/untrusted_runner/build

Path to vulnerable library: clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/appengine/handlers/cron/project

Dependency Hierarchy:

  • lxml-3.3.5.tar.gz (Vulnerable Library)

Vulnerability Details

An XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code.

Publish Date: 2020-12-03

URL: CVE-2020-27783

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1901633

Release Date: 2020-10-27

Fix Resolution: 4.6.1

CVE-2018-19787 (Medium) detected in lxml-3.3.5.tar.gz

CVE-2018-19787 - Medium Severity Vulnerability

Vulnerable Library - lxml-3.3.5.tar.gz

Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API.

Library home page: https://files.pythonhosted.org/packages/ae/a8/ad6c2350c65b357faf9a06c7428b5c6159b01bd3014eed93a75513843063/lxml-3.3.5.tar.gz

Path to dependency file: clusterfuzz/src/python/bot/untrusted_runner/build

Path to vulnerable library: clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/appengine/handlers/cron/project

Dependency Hierarchy:

  • lxml-3.3.5.tar.gz (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the lxml.html.clean module does not remove javascript: URLs that use escaping, allowing a remote attacker to conduct XSS attacks, as demonstrated by "j a v a s c r i p t:" in Internet Explorer. This is a similar issue to CVE-2014-3146.

Publish Date: 2018-12-02

URL: CVE-2018-19787

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19787

Fix Resolution: lxml-4.2.5



CVE-2020-10109 (High) detected in Twisted-14.0.0.tar.bz2

CVE-2020-10109 - High Severity Vulnerability

Vulnerable Library - Twisted-14.0.0.tar.bz2

An asynchronous networking framework written in Python

Library home page: https://files.pythonhosted.org/packages/76/38/cf8f81c1d7d84fec922d67f0d92bfa9fee59145d875d7263ceefa2bbbaf4/Twisted-14.0.0.tar.bz2

Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt

Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks

Dependency Hierarchy:

  • Twisted-14.0.0.tar.bz2 (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.

Publish Date: 2020-03-12

URL: CVE-2020-10109

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: GHSA-p5xh-vx83-mxcj

Release Date: 2020-03-12

Fix Resolution: twisted - 20.3.0



CVE-2021-28957 (Medium) detected in lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl, lxml-3.3.5.tar.gz

CVE-2021-28957 - Medium Severity Vulnerability

Vulnerable Libraries - lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl, lxml-3.3.5.tar.gz

lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl

Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API.

Library home page: https://files.pythonhosted.org/packages/03/06/eb9f000882f671a2d494342c1fe93b1c8b18fb04420bb611aeaa3298ef17/lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl

Path to dependency file: clusterfuzz/src/python/bot/tasks

Path to vulnerable library: clusterfuzz/src/python/bot/tasks,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/src/appengine/requirements.txt,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • lxml-4.5.0-cp27-cp27mu-manylinux1_x86_64.whl (Vulnerable Library)

lxml-3.3.5.tar.gz

Powerful and Pythonic XML processing library combining libxml2/libxslt with the ElementTree API.

Library home page: https://files.pythonhosted.org/packages/ae/a8/ad6c2350c65b357faf9a06c7428b5c6159b01bd3014eed93a75513843063/lxml-3.3.5.tar.gz

Path to dependency file: clusterfuzz/src/python/bot/untrusted_runner/build

Path to vulnerable library: clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/appengine/handlers/cron/project

Dependency Hierarchy:

  • lxml-3.3.5.tar.gz (Vulnerable Library)

Vulnerability Details

lxml 4.6.2 allows XSS. It places the HTML action attribute into defs.link_attrs (in html/defs.py) for later use in input sanitization, but does not do the same for the HTML5 formaction attribute.

Publish Date: 2021-03-21

URL: CVE-2021-28957

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28957

Release Date: 2021-03-21

Fix Resolution: 4.6.2

CVE-2019-20477 (High) detected in PyYAML-5.1.tar.gz

CVE-2019-20477 - High Severity Vulnerability

Vulnerable Library - PyYAML-5.1.tar.gz

YAML parser and emitter for Python

Library home page: https://files.pythonhosted.org/packages/9f/2c/9417b5c774792634834e730932745bc09a7d36754ca00acf1ccd1ac2594d/PyYAML-5.1.tar.gz

Path to dependency file: clusterfuzz/src/python/bot/tasks

Path to vulnerable library: clusterfuzz/src/python/bot/tasks,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/requirements.txt,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • PyYAML-5.1.tar.gz (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.

Publish Date: 2020-02-19

URL: CVE-2019-20477

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20477

Release Date: 2020-02-19

Fix Resolution: 5.2



CVE-2019-12855 (High) detected in Twisted-14.0.0.tar.bz2

CVE-2019-12855 - High Severity Vulnerability

Vulnerable Library - Twisted-14.0.0.tar.bz2

An asynchronous networking framework written in Python

Library home page: https://files.pythonhosted.org/packages/76/38/cf8f81c1d7d84fec922d67f0d92bfa9fee59145d875d7263ceefa2bbbaf4/Twisted-14.0.0.tar.bz2

Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt

Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks

Dependency Hierarchy:

  • Twisted-14.0.0.tar.bz2 (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.

Publish Date: 2019-06-16

URL: CVE-2019-12855

CVSS 3 Score Details (7.4)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: None


Suggested Fix

Type: Change files

Origin: GHSA-65rm-h285-5cc5

Release Date: 2019-12-19

Fix Resolution: Replace or update the following file: 19.7.0



CVE-2020-10108 (High) detected in Twisted-14.0.0.tar.bz2

CVE-2020-10108 - High Severity Vulnerability

Vulnerable Library - Twisted-14.0.0.tar.bz2

An asynchronous networking framework written in Python

Library home page: https://files.pythonhosted.org/packages/76/38/cf8f81c1d7d84fec922d67f0d92bfa9fee59145d875d7263ceefa2bbbaf4/Twisted-14.0.0.tar.bz2

Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt

Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks

Dependency Hierarchy:

  • Twisted-14.0.0.tar.bz2 (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request.

Publish Date: 2020-03-12

URL: CVE-2020-10108

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: GHSA-h96w-mmrf-2h6v

Release Date: 2020-03-12

Fix Resolution: twisted - 20.3.0



CVE-2020-26263 (High) detected in tlslite-ng-0.7.5.tar.gz

CVE-2020-26263 - High Severity Vulnerability

Vulnerable Library - tlslite-ng-0.7.5.tar.gz

Pure python implementation of SSL and TLS.

Library home page: https://files.pythonhosted.org/packages/53/3e/2299471198f82fd3c5ba3078609d5100d39037270b13a1ae56b35a7b19a1/tlslite-ng-0.7.5.tar.gz

Path to dependency file: clusterfuzz/src/platform_requirements.txt

Path to vulnerable library: clusterfuzz/src/platform_requirements.txt,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/requirements.txt,clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/python/bot/untrusted_runner/build

Dependency Hierarchy:

  • tlslite-ng-0.7.5.tar.gz (Vulnerable Library)

Vulnerability Details

tlslite-ng is an open source python library that implements SSL and TLS cryptographic protocols. In tlslite-ng before versions 0.7.6 and 0.8.0-alpha39, the code that performs decryption and padding check in RSA PKCS#1 v1.5 decryption is data dependent. In particular, the code has multiple ways in which it leaks information about the decrypted ciphertext. It aborts as soon as the plaintext doesn't start with 0x00, 0x02. All TLS servers that enable RSA key exchange as well as applications that use the RSA decryption API directly are vulnerable. This is patched in versions 0.7.6 and 0.8.0-alpha39. Note: the patches depend on Python processing the individual bytes in a side-channel-free manner; this is known not to be the case (see reference). As such, users that require side-channel resistance are recommended to use different TLS implementations, as stated in the security policy of tlslite-ng.

Publish Date: 2020-12-21

URL: CVE-2020-26263

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-wvcv-832q-fjg7

Release Date: 2020-12-21

Fix Resolution: 0.8.0-alpha39, 0.7.6


CVE-2020-25659 (Medium) detected in cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl

CVE-2020-25659 - Medium Severity Vulnerability

Vulnerable Library - cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl

cryptography is a package which provides cryptographic recipes and primitives to Python developers.

Library home page: https://files.pythonhosted.org/packages/b8/86/2692315807539c0f6452c58661d268c88d5fb79acf6c13279eb7b87ecd81/cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl

Path to dependency file: clusterfuzz/src/appengine/requirements.txt

Path to vulnerable library: clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • pyOpenSSL-19.1.0-py2.py3-none-any.whl (Root Library)
    • cryptography-3.0-cp27-cp27mu-manylinux2010_x86_64.whl (Vulnerable Library)

Vulnerability Details

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.

Publish Date: 2021-01-11

URL: CVE-2020-25659

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Change files

Origin: pyca/cryptography@58494b4

Release Date: 2020-10-26

Fix Resolution: Replace or update the following file: rsa.py

CVE-2020-14422 (Medium) detected in ipaddress-1.0.23-py2.py3-none-any.whl

CVE-2020-14422 - Medium Severity Vulnerability

Vulnerable Library - ipaddress-1.0.23-py2.py3-none-any.whl

IPv4/IPv6 manipulation library

Library home page: https://files.pythonhosted.org/packages/c2/f8/49697181b1651d8347d24c095ce46c7346c37335ddc7d255833e7cde674d/ipaddress-1.0.23-py2.py3-none-any.whl

Path to dependency file: clusterfuzz/src/appengine/requirements.txt

Path to vulnerable library: clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • ipaddress-1.0.23-py2.py3-none-any.whl (Vulnerable Library)

Vulnerability Details

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10, v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1; v3.9.0, v3.9.0b4, v3.9.0b5, v3.9.0rc1, v3.9.0rc2.

Publish Date: 2020-06-18

URL: CVE-2020-14422

CVSS 3 Score Details (5.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://security-tracker.debian.org/tracker/CVE-2020-14422

Release Date: 2020-06-18

Fix Resolution: 3.5.3-1+deb9u2, 3.7.3-2+deb10u2, 3.8.4~rc1-1


CVE-2020-14001 (High) detected in kramdown-1.17.0.gem

CVE-2020-14001 - High Severity Vulnerability

Vulnerable Library - kramdown-1.17.0.gem

kramdown is yet-another-markdown-parser but fast, pure Ruby, using a strict syntax definition and supporting several common extensions.

Library home page: https://rubygems.org/gems/kramdown-1.17.0.gem

Dependency Hierarchy:

  • github-pages-206.gem (Root Library)
    • jekyll-default-layout-0.1.4.gem
      • jekyll-3.8.7.gem
        • kramdown-1.17.0.gem (Vulnerable Library)

Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597

Vulnerability Details

The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://<%= `). NOTE: kramdown is used in Jekyll, GitLab Pages, GitHub Pages, and Thredded Forum.

Publish Date: 2020-07-17

URL: CVE-2020-14001

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14001

Release Date: 2020-07-17

Fix Resolution: kramdown - 2.3.0

CVE-2020-14343 (High) detected in PyYAML-5.1.tar.gz

CVE-2020-14343 - High Severity Vulnerability

Vulnerable Library - PyYAML-5.1.tar.gz

YAML parser and emitter for Python

Library home page: https://files.pythonhosted.org/packages/9f/2c/9417b5c774792634834e730932745bc09a7d36754ca00acf1ccd1ac2594d/PyYAML-5.1.tar.gz

Path to dependency file: clusterfuzz/src/python/bot/tasks

Path to vulnerable library: clusterfuzz/src/python/bot/tasks,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/appengine/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/requirements.txt,clusterfuzz/src/platform_requirements.txt

Dependency Hierarchy:

  • PyYAML-5.1.tar.gz (Vulnerable Library)

Vulnerability Details

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.

Publish Date: 2021-02-09

URL: CVE-2020-14343

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14343

Release Date: 2021-02-09

Fix Resolution: PyYAML - 5.4

