Version: latest

CVE-2022-0391

CVE Details

CVE-2022-0391

Last Update

08/16/2024

NIST CVE Summary

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.

Our Official Summary

Waiting on a fix from third party mongodb vendor

CVE Severity

7.5

Status

Ongoing

Affected Products & Versions

Palette VerteX 4.4.14

Revision History

1.0 08/16/2024 Initial Publication
2.0 08/17/2024 Added palette VerteX 4.4.14 to Affected Products

CVE Details​

Last Update​

NIST CVE Summary​

Our Official Summary​

CVE Severity​

Status​

Affected Products & Versions​

Revision History​