« List of all CVEs

CVE-2011-1015

Published: 5/9/2011 Last updated: 8/6/2024 Reserved: 2/14/2011

The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (7)

conf-python-2-7 conf-python-2-7-dev conf-python-3 conf-python-3-7 conf-python-3-dev py termbox

Products affected (1)

Product Vendor Version
n/a n/a n/a

References (30)