PYSEC-2023-177

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/gevent/PYSEC-2023-177.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2023-177

Aliases

Published

2023-09-25T12:15:00Z

Modified

2023-11-08T04:13:26.094496Z

Summary

[none]

Details

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component.

References

Affected packages

PyPI / gevent

Package

Name: gevent; View open source insights on deps.dev
Purl: pkg:pypi/gevent

Affected ranges

Type: GIT
Repo: https://github.com/gevent/gevent
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2f53c851eaf926767fbac62385615efd4886221c

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

23.9.0

Affected versions

0.*

0.9.2

0.9.3

0.10.0

0.11.0

0.11.1

0.11.2

0.12.0

0.12.1

0.12.2

0.13.0

0.13.1

0.13.2

0.13.3

0.13.4

0.13.5

0.13.6

0.13.7

0.13.8

1.*

1.0

1.0.1

1.0.2

1.1a1

1.1a2

1.1b1

1.1b2

1.1b3

1.1b4

1.1b5

1.1b6

1.1rc1

1.1rc2

1.1rc3

1.1rc4

1.1rc5

1.1.0

1.1.1

1.1.2

1.2a1

1.2a2

1.2.0

1.2.1

1.2.2

1.3a1

1.3a2

1.3b1

1.3b2

1.3.0

1.3.1

1.3.2

1.3.2.post0

1.3.3

1.3.4

1.3.5

1.3.6

1.3.7

1.4.0

1.5a1

1.5a2

1.5a3

1.5a4

1.5.0

20.*

20.4.0

20.5.0

20.5.1

20.5.2

20.6.0

20.6.1

20.6.2

20.9.0

20.12.0

20.12.1

21.*

21.1.0

21.1.1

21.1.2

21.8.0

21.12.0

22.*

22.8.0

22.10.1

22.10.2

23.*

23.7.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/gevent/PYSEC-2023-177.yaml"