FortiClient Vulnerability

Python CVE-2022-0391 Arbitrary Code Execution Vulnerability

Description

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like \'\\r\' and \'\\n\' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14.

Affected Applications

Python

CVE References

CVE-2022-0391

Other References

https://bugs.python.org/

ID	71106
Created	Feb 20, 2022
Description Updated	Dec 18, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Python Software Foundation
Patch	manual
Application	Python

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Python CVE-2022-0391 Arbitrary Code Execution Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Python CVE-2022-0391 Arbitrary Code Execution Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center