Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2021-23336: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Red Hat: CVE-2021-23336: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (Multiple Advisories)

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:P/A:P)

Published

02/15/2021

Created

05/21/2021

Added

05/21/2021

Modified

12/15/2023

Description

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.

Solution(s)

redhat-upgrade-babel
redhat-upgrade-cython-debugsource
redhat-upgrade-numpy-debugsource
redhat-upgrade-platform-python
redhat-upgrade-platform-python-debug
redhat-upgrade-platform-python-devel
redhat-upgrade-python-cffi-debugsource
redhat-upgrade-python-coverage-debugsource
redhat-upgrade-python-cryptography-debugsource
redhat-upgrade-python-lxml-debugsource
redhat-upgrade-python-markupsafe-debugsource
redhat-upgrade-python-nose-docs
redhat-upgrade-python-psutil-debugsource
redhat-upgrade-python-psycopg2-debuginfo
redhat-upgrade-python-psycopg2-debugsource
redhat-upgrade-python-psycopg2-doc
redhat-upgrade-python-pymongo-debuginfo
redhat-upgrade-python-pymongo-debugsource
redhat-upgrade-python-sqlalchemy-doc
redhat-upgrade-python2
redhat-upgrade-python2-attrs
redhat-upgrade-python2-babel
redhat-upgrade-python2-backports
redhat-upgrade-python2-backports-ssl_match_hostname
redhat-upgrade-python2-bson
redhat-upgrade-python2-bson-debuginfo
redhat-upgrade-python2-chardet
redhat-upgrade-python2-coverage
redhat-upgrade-python2-coverage-debuginfo
redhat-upgrade-python2-cython
redhat-upgrade-python2-cython-debuginfo
redhat-upgrade-python2-debug
redhat-upgrade-python2-debuginfo
redhat-upgrade-python2-debugsource
redhat-upgrade-python2-devel
redhat-upgrade-python2-dns
redhat-upgrade-python2-docs
redhat-upgrade-python2-docs-info
redhat-upgrade-python2-docutils
redhat-upgrade-python2-funcsigs
redhat-upgrade-python2-idna
redhat-upgrade-python2-ipaddress
redhat-upgrade-python2-jinja2
redhat-upgrade-python2-libs
redhat-upgrade-python2-lxml
redhat-upgrade-python2-lxml-debuginfo
redhat-upgrade-python2-markupsafe
redhat-upgrade-python2-mock
redhat-upgrade-python2-nose
redhat-upgrade-python2-numpy
redhat-upgrade-python2-numpy-debuginfo
redhat-upgrade-python2-numpy-doc
redhat-upgrade-python2-numpy-f2py
redhat-upgrade-python2-pip
redhat-upgrade-python2-pip-wheel
redhat-upgrade-python2-pluggy
redhat-upgrade-python2-psycopg2
redhat-upgrade-python2-psycopg2-debug
redhat-upgrade-python2-psycopg2-debug-debuginfo
redhat-upgrade-python2-psycopg2-debuginfo
redhat-upgrade-python2-psycopg2-tests
redhat-upgrade-python2-py
redhat-upgrade-python2-pygments
redhat-upgrade-python2-pymongo
redhat-upgrade-python2-pymongo-debuginfo
redhat-upgrade-python2-pymongo-gridfs
redhat-upgrade-python2-pymysql
redhat-upgrade-python2-pysocks
redhat-upgrade-python2-pytest
redhat-upgrade-python2-pytest-mock
redhat-upgrade-python2-pytz
redhat-upgrade-python2-pyyaml
redhat-upgrade-python2-pyyaml-debuginfo
redhat-upgrade-python2-requests
redhat-upgrade-python2-rpm-macros
redhat-upgrade-python2-scipy
redhat-upgrade-python2-scipy-debuginfo
redhat-upgrade-python2-setuptools
redhat-upgrade-python2-setuptools-wheel
redhat-upgrade-python2-setuptools_scm
redhat-upgrade-python2-six
redhat-upgrade-python2-sqlalchemy
redhat-upgrade-python2-test
redhat-upgrade-python2-tkinter
redhat-upgrade-python2-tools
redhat-upgrade-python2-urllib3
redhat-upgrade-python2-virtualenv
redhat-upgrade-python2-wheel
redhat-upgrade-python2-wheel-wheel
redhat-upgrade-python3-debuginfo
redhat-upgrade-python3-debugsource
redhat-upgrade-python3-idle
redhat-upgrade-python3-libs
redhat-upgrade-python3-test
redhat-upgrade-python3-tkinter
redhat-upgrade-python38
redhat-upgrade-python38-asn1crypto
redhat-upgrade-python38-atomicwrites
redhat-upgrade-python38-attrs
redhat-upgrade-python38-babel
redhat-upgrade-python38-cffi
redhat-upgrade-python38-cffi-debuginfo
redhat-upgrade-python38-chardet
redhat-upgrade-python38-cryptography
redhat-upgrade-python38-cryptography-debuginfo
redhat-upgrade-python38-cython
redhat-upgrade-python38-cython-debuginfo
redhat-upgrade-python38-debug
redhat-upgrade-python38-debuginfo
redhat-upgrade-python38-debugsource
redhat-upgrade-python38-devel
redhat-upgrade-python38-idle
redhat-upgrade-python38-idna
redhat-upgrade-python38-jinja2
redhat-upgrade-python38-libs
redhat-upgrade-python38-lxml
redhat-upgrade-python38-lxml-debuginfo
redhat-upgrade-python38-markupsafe
redhat-upgrade-python38-markupsafe-debuginfo
redhat-upgrade-python38-mod_wsgi
redhat-upgrade-python38-more-itertools
redhat-upgrade-python38-numpy
redhat-upgrade-python38-numpy-debuginfo
redhat-upgrade-python38-numpy-doc
redhat-upgrade-python38-numpy-f2py
redhat-upgrade-python38-packaging
redhat-upgrade-python38-pip
redhat-upgrade-python38-pip-wheel
redhat-upgrade-python38-pluggy
redhat-upgrade-python38-ply
redhat-upgrade-python38-psutil
redhat-upgrade-python38-psutil-debuginfo
redhat-upgrade-python38-psycopg2
redhat-upgrade-python38-psycopg2-debuginfo
redhat-upgrade-python38-psycopg2-doc
redhat-upgrade-python38-psycopg2-tests
redhat-upgrade-python38-py
redhat-upgrade-python38-pycparser
redhat-upgrade-python38-pymysql
redhat-upgrade-python38-pyparsing
redhat-upgrade-python38-pysocks
redhat-upgrade-python38-pytest
redhat-upgrade-python38-pytz
redhat-upgrade-python38-pyyaml
redhat-upgrade-python38-pyyaml-debuginfo
redhat-upgrade-python38-requests
redhat-upgrade-python38-rpm-macros
redhat-upgrade-python38-scipy
redhat-upgrade-python38-scipy-debuginfo
redhat-upgrade-python38-setuptools
redhat-upgrade-python38-setuptools-wheel
redhat-upgrade-python38-six
redhat-upgrade-python38-test
redhat-upgrade-python38-tkinter
redhat-upgrade-python38-urllib3
redhat-upgrade-python38-wcwidth
redhat-upgrade-python38-wheel
redhat-upgrade-python38-wheel-wheel
redhat-upgrade-pyyaml-debugsource
redhat-upgrade-scipy-debugsource

References

CVE-2021-23336
RHSA-2021:1633
RHSA-2021:4151
RHSA-2021:4162

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2021-23336: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (Multiple Advisories)

Red Hat: CVE-2021-23336: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.