oss-sec mailing list archives

Re: CVE request: Python Bottle JSON content-type not restrictive enough


From: cve-assign () mitre org
Date: Thu, 1 May 2014 15:00:25 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746322 and
https://github.com/defnull/bottle/issues/616 report an issue where
Bottle treated "text/plain;application/json" as JSON, allowing security
mechanisms to be bypassed.

Use CVE-2014-3137.

The scope of this CVE does not include any behavior of Chrome that
could be interpreted as a Chrome vulnerability, e.g., "can make a
request with the content-type of text/plain;application/json (IMO this
is a bug in Chrome)" in 616. A later comment in 616 says "The original
reporter mentioned filing Chrome bugs." As suggested by the
http://www.google.com/about/appsecurity/ page, Chrome bugs are the
mechanism for getting CVE assignments from the Google CNA.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
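
The Content-Type handling described in the message above, as an added example that is not part of the original post and is not Bottle's code: a substring test (assumed here as one way to arrive at the reported behaviour) beside a check that compares only the media type before the first ";". All function names and the sample header values are constructed for illustration.

```python
# Added illustration; not Bottle's code. All names here are hypothetical.

def parse_media_type(content_type):
    """Return the lower-cased media type, i.e. the text before the first ';'."""
    return (content_type or "").split(";", 1)[0].strip().lower()


def is_json_loose(content_type):
    """Substring match (assumption): accepts JSON named anywhere in the header."""
    return "application/json" in (content_type or "").lower()


def is_json_strict(content_type):
    """Accept only when the media type itself is exactly application/json."""
    return parse_media_type(content_type) == "application/json"


def disagreements(header_values):
    """Header values the loose check accepts but the strict check rejects.

    Useful for reviewing logged Content-Type values before tightening a check.
    """
    return [v for v in header_values
            if is_json_loose(v) and not is_json_strict(v)]


# Constructed sample Content-Type values.
SAMPLES = [
    "application/json",
    "Application/JSON; charset=utf-8",
    "text/plain;application/json",  # the value named in the report
    "text/plain",
    "",
    None,
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(f"{value!r:38} loose={is_json_loose(value)!s:5} "
              f"strict={is_json_strict(value)!s:5}")
    print("accepted only by the loose check:", disagreements(SAMPLES))
```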

