Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2019-9636 | First vendor Publication | 2019-03-08 |
| Vendor | Cve | Last vendor Modification | 2023-11-07 |
Security-Database Scoring CVSS v3
| Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | |||
|---|---|---|---|
| Overall CVSS Score | 9.8 | ||
| Base Score | 9.8 | Environmental Score | 9.8 |
| impact SubScore | 5.9 | Temporal Score | 9.8 |
| Exploitabality Sub Score | 3.9 | ||
| Attack Vector | Network | Attack Complexity | Low |
| Privileges Required | None | User Interaction | None |
| Scope | Unchanged | Confidentiality Impact | High |
| Integrity Impact | High | Availability Impact | High |
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636 |
CPE : Common Platform Enumeration
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 02:11:02 |
|
| 2024-02-01 12:19:10 |
|
| 2023-12-09 13:00:15 |
|
| 2023-11-07 21:40:19 |
|
| 2023-09-05 13:05:35 |
|
| 2023-09-05 01:18:49 |
|
| 2023-09-02 13:04:29 |
|
| 2023-09-02 01:19:06 |
|
| 2023-08-22 12:57:45 |
|
| 2022-10-11 01:18:19 |
|
| 2022-07-26 00:30:01 |
|
| 2022-07-06 00:28:13 |
|
| 2021-05-04 13:43:28 |
|
| 2021-04-22 02:55:34 |
|
| 2021-01-07 12:28:30 |
|
| 2020-11-01 17:22:54 |
|
| 2020-09-03 01:28:52 |
|
| 2020-07-15 17:22:47 |
|
| 2020-07-10 12:25:13 |
|
| 2020-05-23 02:34:22 |
|
| 2019-10-09 12:11:40 |
|
| 2019-09-19 12:03:14 |
|
| 2019-09-11 12:04:31 |
|
| 2019-08-16 12:07:37 |
|
| 2019-08-05 12:01:35 |
|
| 2019-07-29 12:07:32 |
|
| 2019-07-23 12:02:41 |
|
| 2019-07-13 12:04:02 |
|
| 2019-07-12 12:10:55 |
|
| 2019-07-05 12:01:30 |
|
| 2019-06-25 12:10:47 |
|
| 2019-06-21 00:19:19 |
|
| 2019-06-19 09:19:35 |
|
| 2019-06-13 21:19:27 |
|
| 2019-05-27 12:01:10 |
|
| 2019-05-17 17:19:38 |
|
| 2019-05-17 09:18:25 |
|
| 2019-05-11 05:18:44 |
|
| 2019-05-08 00:19:00 |
|
| 2019-05-07 13:19:25 |
|
| 2019-05-01 00:19:07 |
|
| 2019-04-29 21:19:31 |
|
| 2019-04-27 05:19:11 |
|
| 2019-04-26 05:19:01 |
|
| 2019-04-26 00:19:28 |
|
| 2019-04-25 17:19:14 |
|
| 2019-04-23 21:19:23 |
|
| 2019-04-17 21:19:26 |
|
| 2019-04-17 00:19:13 |
|
| 2019-04-08 21:19:44 |
|
| 2019-04-05 12:08:56 |
|
| 2019-04-03 17:19:15 |
|
| 2019-03-30 09:19:31 |
|
| 2019-03-29 12:08:49 |
|
| 2019-03-29 09:19:07 |
|
| 2019-03-29 00:19:23 |
|
| 2019-03-27 21:19:44 |
|
| 2019-03-25 13:19:36 |
|
| 2019-03-18 17:19:31 |
|
| 2019-03-15 13:19:29 |
|
| 2019-03-13 17:19:29 |
|
| 2019-03-12 17:19:34 |
|
| 2019-03-09 00:19:06 |
|
