CVE-2023-41105 — Untrusted Search Path in Python

CWE-426 — Untrusted Search Path CWE-158 — Improper Neutralization of Null Byte or NUL Character11 documents8 sources

Severity

7.5HIGHNVD

OSV7.6

EPSS

0.4%

top 41.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Python2.7 Debian Python3.11 Debian Python3.9 +2 more

Timeline

PublishedAug 23

Latest updateNov 7

Description

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

▶debiandebian/python2.7< python3.11 3.11.2-6+deb12u2 (bookworm)

▶debiandebian/python3.9< python3.11 3.11.2-6+deb12u2 (bookworm)

▶debiandebian/python3.11< python3.11 3.11.2-6+deb12u2 (bookworm)

▶NVDpython/python3.11.0 — 3.11.4

▶Palo Altopaloalto/cortex_xdr

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

python3.5, python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12 vulnerabilities↗2024-07-11

▶

GHSA

GHSA-65fx-pmw6-rcfm: An issue was discovered in Python 3↗2023-08-23

▶

OSV

CVE-2023-41105: An issue was discovered in Python 3↗2023-08-23

▶

📋Vendor Advisories

Palo Alto

PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent↗2024-11-07

▶

Oracle

Oracle Oracle Siebel CRM Risk Matrix: Siebel Cloud Manager (Python) — CVE-2023-41105↗2024-07-15

▶

Ubuntu

Python vulnerabilities↗2024-07-11

▶

Oracle

Oracle Oracle MySQL Risk Matrix: Workbench (Python) — CVE-2023-41105↗2024-01-15

▶

Ubuntu

Python vulnerability↗2023-12-11

▶