oss-sec mailing list archives
Re: CVE request: Python Bottle JSON content-type not restrictive enough
From: cve-assign () mitre org
Date: Thu, 1 May 2014 15:00:25 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746322 and https://github.com/defnull/bottle/issues/616 report an issue where Bottle treated "text/plain;application/json" as JSON, allowing security mechanisms to be bypassed.
Use CVE-2014-3137. The scope of this CVE does not include any behavior of Chrome that could be interpreted as a Chrome vulnerability, e.g., "can make a request with the content-type of text/plain;application/json (IMO this is a bug in Chrome)" in 616. A later comment in 616 says "The original reporter mentioned filing Chrome bugs." As suggested by the http://www.google.com/about/appsecurity/ page, Chrome bugs are the mechanism for getting CVE assignments from the Google CNA. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJTYpkXAAoJEKllVAevmvmsfl8IAI6ITpAf9TshVu0Y9+fC73zr jCEwMs3qy53bs7ongjU0qQluH68sX4ckkobldhZL/2OM0oLPhz8ZSXNxNsHx9pX5 V7rhUgpHsM0BLyJSr2Zpr/aN/SbPKlqZWJjmLRlfslc0+BJdpqp0v7vvqjZS6iXa BWsDcxLCQ3yMk4cYqXssfodjBKcForeOzCPlRnUrEEwE5zYMib+qkXD2vSNxDfdO on0gFbun5+ldTm+DiN5nnkH7s6pYuPZRcmL2/BqHWfun1s9kPzCI9Vsfvf9kHJD8 LCN1e7N6S3h3Zulg+jmJSqTWJsu3aaNu+Bc4FgTBmzuYIsc0FXaPxRDE3bkmp08= =iVci -----END PGP SIGNATURE-----
Current thread:
- CVE request: Python Bottle JSON content-type not restrictive enough Murray McAllister (Apr 30)
- Re: CVE request: Python Bottle JSON content-type not restrictive enough cve-assign (May 01)