CVE-2019-18348

An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with rn (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.

Weakness

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

Affected Software

Name	Vendor	Start Version	End Version
Python	Python	2.0 (including)	2.7.17 (including)
Python	Python	3.0 (including)	3.5.10 (excluding)
Python	Python	3.6.0 (including)	3.6.11 (excluding)
Python	Python	3.7.0 (including)	3.7.8 (excluding)
Python	Python	3.8.0 (including)	3.8.3 (excluding)
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	rh-python36-python-0:3.6.12-1.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	rh-python36-python-pip-0:9.0.1-5.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 6	RedHat	rh-python36-python-virtualenv-0:15.1.0-3.el6	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-0:2.7.18-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-pip-0:8.1.2-6.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	python27-python-virtualenv-0:13.1.0-4.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	rh-python36-python-0:3.6.12-1.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	rh-python36-python-pip-0:9.0.1-5.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7	RedHat	rh-python36-python-virtualenv-0:15.1.0-3.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	python27-python-0:2.7.18-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	python27-python-pip-0:8.1.2-6.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	python27-python-virtualenv-0:13.1.0-4.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	rh-python36-python-0:3.6.12-1.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	rh-python36-python-pip-0:9.0.1-5.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS	RedHat	rh-python36-python-virtualenv-0:15.1.0-3.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	python27-python-0:2.7.18-2.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	python27-python-pip-0:8.1.2-6.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	python27-python-virtualenv-0:13.1.0-4.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	rh-python36-python-0:3.6.12-1.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	rh-python36-python-pip-0:9.0.1-5.el7	*
Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS	RedHat	rh-python36-python-virtualenv-0:15.1.0-3.el7	*
Python2.7	Ubuntu	bionic	*
Python2.7	Ubuntu	disco	*
Python2.7	Ubuntu	eoan	*
Python2.7	Ubuntu	esm-infra-legacy/trusty	*
Python2.7	Ubuntu	esm-infra/bionic	*
Python2.7	Ubuntu	esm-infra/xenial	*
Python2.7	Ubuntu	trusty	*
Python2.7	Ubuntu	trusty/esm	*
Python2.7	Ubuntu	xenial	*
Python3.4	Ubuntu	esm-infra-legacy/trusty	*
Python3.4	Ubuntu	trusty	*
Python3.4	Ubuntu	trusty/esm	*
Python3.5	Ubuntu	esm-infra-legacy/trusty	*
Python3.5	Ubuntu	esm-infra/xenial	*
Python3.5	Ubuntu	trusty	*
Python3.5	Ubuntu	trusty/esm	*
Python3.5	Ubuntu	xenial	*
Python3.6	Ubuntu	bionic	*
Python3.6	Ubuntu	esm-infra/bionic	*
Python3.7	Ubuntu	bionic	*
Python3.7	Ubuntu	disco	*
Python3.7	Ubuntu	eoan	*
Python3.7	Ubuntu	esm-apps/bionic	*
Python3.8	Ubuntu	bionic	*
Python3.8	Ubuntu	disco	*
Python3.8	Ubuntu	eoan	*
Python3.8	Ubuntu	esm-apps/bionic	*
Python3.8	Ubuntu	esm-infra/focal	*
Python3.8	Ubuntu	focal	*
Python3.8	Ubuntu	groovy	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-18348
CWE	https://cwe.mitre.org/data/definitions/74.html

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Weakness

Affected Software

Potential Mitigations

References

CVE-2019-18348

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References