CVE-2023-41419

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-41419

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41419.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-41419

Aliases

Related

Published

2023-09-25T12:15:11Z

Modified

2025-07-02T00:24:40.978074Z

Downstream

RHSA-2023:7438

RHSA-2024:7785

openSUSE-SU-2024:13254-1

SUSE-SU-2023:3975-1

RHSA-2024:8834

RHSA-2024:8105

SUSE-SU-2023:4009-1

SUSE-SU-2023:4091-1

RHSA-2024:7421

RHSA-2024:8102

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component.

References

Affected packages

Git / github.com/gevent/gevent

Affected ranges

Type: GIT
Repo: https://github.com/gevent/gevent
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2f53c851eaf926767fbac62385615efd4886221c

Affected versions

0.*

0.10.0

0.11.0

0.11.1

0.11.2

0.12.0

0.12.0-preview

0.12.0-preview-2

0.12.1

0.12.2

0.13.0

0.13.0-beta1

0.13.0b2

0.13.1

0.13.1b1

0.13.1b2

0.9.0

0.9.1

0.9.2

0.9.3

1.*

1.0

1.0a1

1.0a2

1.0a3

1.0b1

1.0b2

1.0b3

1.0b4

1.0rc1

1.0rc2

1.0rc3

1.2.0

1.2.1

1.2.2

1.3.0

1.3.1

1.3.2

1.3.2.post0

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.3a1

1.3a2

1.3b1

1.3b2

1.4.0

1.5a1

1.5a2

1.5a3

1.5a4

20.*

20.04.0

20.12.0

20.12.1

20.5.0

20.5.1

20.5.2

20.6.0

20.6.1

20.9.0

21.*

21.1.0

21.1.1

21.1.2

21.12.0

21.8.0

22.*

22.08.0

22.10.1

22.10.2

23.*

23.7.0

v1.*

v1.1.0

v1.1a1

v1.1a2

v1.1b1

v1.1b2

v1.1b3

v1.1b4

v1.1b5

v1.1b6

v1.1rc1

v1.1rc2

v1.1rc3

v1.1rc4

v1.1rc5

v1.2a1

v1.2a2