CVE-2020-11078 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Severity: 68%

Complexity: 22%

Confidentiality: 66%

In httplib2 before version 0.18.0, an attacker controlling an unescaped part of the URI passed to `httplib2.Http.request()` could change the request headers and body and send additional hidden requests to the same server. This vulnerability impacts software that uses httplib2 with a URI constructed by string concatenation, as opposed to proper URI building with urllib and escaping. This has been fixed in 0.18.0.

CVSS 3.1 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N).

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Demo Examples

Improper Neutralization of CRLF Sequences ('CRLF Injection')

CWE-93

If user input data that eventually makes it to a log message isn't checked for CRLF characters, it may be possible for an attacker to forge entries in a log file.

// Vulnerable (Java): the streetAddress parameter reaches the log line unchecked, so embedded CR/LF can forge extra entries
logger.info("User's street address: " + request.getParameter("streetAddress"));
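The description above names the root cause (a URI built by string concatenation from untrusted input) and the CWE-93 demo shows the same class of bug in a log line. The following is an added example, not code from httplib2 or from this page: it contrasts the unsafe concatenation pattern with escaped URI building via the standard library, plus a check a caller can run before handing a URI to any HTTP client. The hostname and the user input are constructed for the example.

```python
"""Added example (not httplib2's code): build a request URI from untrusted
input without letting CR/LF reach the HTTP layer, and a check that flags
URIs assembled by plain concatenation."""
import re
from urllib.parse import quote, urlencode, urlsplit, urlunsplit

# A raw CR or LF in the URI can terminate the request line or a header.
_CRLF_RE = re.compile(r"[\r\n]")


def has_crlf(uri: str) -> bool:
    """True if the URI still contains a raw CR or LF (unsafe to send)."""
    return _CRLF_RE.search(uri) is not None


def build_uri(base: str, path_segment: str, params=None) -> str:
    """Append an untrusted path segment and query to ``base`` with escaping.

    ``quote`` with safe="" percent-encodes every reserved character,
    including CR, LF and "/"; ``urlencode`` does the same for query values.
    """
    scheme, netloc, path, _query, _frag = urlsplit(base)
    path = path.rstrip("/") + "/" + quote(path_segment, safe="")
    query = urlencode(params or {})
    uri = urlunsplit((scheme, netloc, path, query, ""))
    assert not has_crlf(uri)  # escaping guarantees this holds
    return uri


def unsafe_concat(base: str, path_segment: str) -> str:
    """The pattern the advisory warns about: no escaping at all."""
    return base + "/" + path_segment


# Constructed sample input: a user-supplied identifier carrying a CR LF pair.
USER_INPUT = "item1\r\nextra"

if __name__ == "__main__":
    print(repr(unsafe_concat("https://example.invalid/api", USER_INPUT)))
    print(build_uri("https://example.invalid/api", USER_INPUT, {"q": "a b"}))
```

Running `has_crlf` on the concatenated form returns True, while the escaped form carries the same input as `%0D%0A` and stays a single request.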

Overview

First reported: 2020-05-20 16:15:00

Last updated: 2020-08-19 18:56:00

Affected Software

Fedora 31

Fedora 32

Debian Linux 8.0 (Jessie)

References

https://github.com/httplib2/httplib2/commit/a1457cc31f3206cf691d11d2bf34e98865873e9e (Patch, Third Party Advisory)

https://github.com/httplib2/httplib2/security/advisories/GHSA-gg84-qgv9-w4pq (Patch, Third Party Advisory)

[allura-commits] 20200521 [allura] branch master updated: Upgrade httplib2 for CVE-2020-11078 (Mailing List, Patch, Third Party Advisory)

[debian-lts-announce] 20200601 [SECURITY] [DLA 2232-1] python-httplib2 security update (Mailing List, Third Party Advisory)

[beam-issues] 20200602 [jira] [Created] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 (Mailing List, Third Party Advisory)

[beam-issues] 20200802 [jira] [Commented] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 (Mailing List, Third Party Advisory)

[beam-issues] 20200802 [jira] [Updated] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 (Mailing List, Third Party Advisory)

[beam-issues] 20200816 [jira] [Updated] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 (Mailing List, Third Party Advisory)

[beam-issues] 20200816 [jira] [Commented] (BEAM-10180) Upgrade httplib2 to > 0.18.0 to resolve CVE-2020-11078 (Mailing List, Third Party Advisory)

FEDORA-2020-a7a15a9687 (Mailing List, Third Party Advisory)

FEDORA-2020-37779a5c93 (Mailing List, Third Party Advisory)
