CVE-2023-24329

Updated: 2023-11-07 19:12:14.031135

Description:

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU python3 3.9.16 7.5 HIGH Released CLSA-2023:1701444455 2023-12-01 13:11:10
CentOS 6 ELS python 2.6.6 7.5 HIGH Released CLSA-2023:1689886440 2023-08-07 14:09:28
CentOS 7 ELS python 2.7.5 7.5 HIGH Released CLSA-2024:1711491407 2024-04-09 11:20:05
CentOS 7 ELS python3 3.6.8 7.5 HIGH Already Fixed 2023-09-19 09:30:15
CentOS 8.4 ELS python2 2.7.18 7.5 HIGH Released CLSA-2023:1689885005 2023-07-20 17:08:32
CentOS 8.4 ELS python3 3.6.8 7.5 HIGH Released CLSA-2023:1689885583 2023-07-20 17:08:25
CentOS 8.5 ELS python2 2.7.18 7.5 HIGH Released CLSA-2023:1689885237 2023-07-20 17:08:28
CentOS 8.5 ELS python3 3.6.8 7.5 HIGH Released CLSA-2023:1689885378 2023-07-20 17:08:30
CloudLinux 6 ELS python 2.6.6 7.5 HIGH Released CLSA-2023:1689886296 2023-08-07 14:09:29
Oracle Linux 6 ELS python 2.6.6 7.5 HIGH Released CLSA-2023:1689886120 2023-07-20 17:08:35
Total: 14