cvelistv5 - cve-2021-39214

CVE-2021-39214 (GCVE-0-2021-39214)

Vulnerability from cvelistv5 – Published: 2021-09-16 15:10 – Updated: 2024-08-04 01:58

Summary

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While a smuggled request is still captured as part of another request's body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.

Severity ?

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Assigner

GitHub_M

References

URL

Tags

https://github.com/mitmproxy/mitmproxy/security/a…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	mitmproxy	mitmproxy	Affected: < 7.0.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:58:18.196Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mitmproxy",
          "vendor": "mitmproxy",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.0.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-16T15:10:10",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
        }
      ],
      "source": {
        "advisory": "GHSA-22gh-3r9q-xf38",
        "discovery": "UNKNOWN"
      },
      "title": "Lacking Protection against HTTP Request Smuggling in mitmproxy",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-39214",
          "STATE": "PUBLIC",
          "TITLE": "Lacking Protection against HTTP Request Smuggling in mitmproxy"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "mitmproxy",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 7.0.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "mitmproxy"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38",
              "refsource": "CONFIRM",
              "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-22gh-3r9q-xf38",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-39214",
    "datePublished": "2021-09-16T15:10:10",
    "dateReserved": "2021-08-16T00:00:00",
    "dateUpdated": "2024-08-04T01:58:18.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mitmproxy:mitmproxy:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.0.2\", \"matchCriteriaId\": \"B8BF4DAA-4BE5-4F62-9B5C-A230FB0F0832\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.\"}, {\"lang\": \"es\", \"value\": \"mitmproxy es un proxy interactivo con capacidad de interceptaci\\u00f3n SSL/TLS. En mitmproxy versiones 7.0.2 y por debajo, un cliente o servidor malicioso es capaz de llevar a cabo ataques de contrabando de peticiones HTTP mediante mitmproxy. Esto significa que un cliente/servidor malicioso podr\\u00eda pasar de contrabando una petici\\u00f3n/respuesta mediante mitmproxy como parte del cuerpo del mensaje HTTP de otra petici\\u00f3n/respuesta. Mientras que una petici\\u00f3n de contrabando sigue siendo capturada como parte del cuerpo de otra petici\\u00f3n, no aparece en la lista de peticiones y no pasa por los ganchos de eventos habituales de mitmproxy, donde los usuarios pueden haber implementado comprobaciones de control de acceso personalizadas o saneo de entradas. A menos que se use mitmproxy para proteger un servicio HTTP/1, no es requerida ninguna acci\\u00f3n. La vulnerabilidad ha sido corregida en mitmproxy versiones 7.0.3 y superiores\"}]",
      "id": "CVE-2021-39214",
      "lastModified": "2024-11-21T06:18:55.243",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-09-16T15:15:07.460",
      "references": "[{\"url\": \"https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-444\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-39214\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-09-16T15:15:07.460\",\"lastModified\":\"2024-11-21T06:18:55.243\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.\"},{\"lang\":\"es\",\"value\":\"mitmproxy es un proxy interactivo con capacidad de interceptaci\u00f3n SSL/TLS. En mitmproxy versiones 7.0.2 y por debajo, un cliente o servidor malicioso es capaz de llevar a cabo ataques de contrabando de peticiones HTTP mediante mitmproxy. Esto significa que un cliente/servidor malicioso podr\u00eda pasar de contrabando una petici\u00f3n/respuesta mediante mitmproxy como parte del cuerpo del mensaje HTTP de otra petici\u00f3n/respuesta. Mientras que una petici\u00f3n de contrabando sigue siendo capturada como parte del cuerpo de otra petici\u00f3n, no aparece en la lista de peticiones y no pasa por los ganchos de eventos habituales de mitmproxy, donde los usuarios pueden haber implementado comprobaciones de control de acceso personalizadas o saneo de entradas. A menos que se use mitmproxy para proteger un servicio HTTP/1, no es requerida ninguna acci\u00f3n. La vulnerabilidad ha sido corregida en mitmproxy versiones 7.0.3 y superiores\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mitmproxy:mitmproxy:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.0.2\",\"matchCriteriaId\":\"B8BF4DAA-4BE5-4F62-9B5C-A230FB0F0832\"}]}]}],\"references\":[{\"url\":\"https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

GHSA-22GH-3R9Q-XF38

Vulnerability from github – Published: 2021-09-20 19:53 – Updated: 2024-10-01 19:26

Summary

Lacking Protection against HTTP Request Smuggling in mitmproxy

Details

Impact

In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While mitmproxy would only see one request, the target server would see multiple requests. A smuggled request is still captured as part of another request's body, but it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization.

Unless you use mitmproxy to protect an HTTP/1 service, no action is required.

Patches

The vulnerability has been fixed in mitmproxy 7.0.3 and above.

Acknowledgements

We thank João Sobral (@chinchila) for responsibly disclosing this vulnerability to the mitmproxy team.

Timeline

2021-09-08: Received initial report for mitmproxy <= 6.0.2.
2021-09-08: Requested clarification if 7.x is affected.
2021-09-10: Received additional details, 7.x situation still unclear.
2021-09-13: Internally determined that 7.x is also affected.
2021-09-13: Shared initial fix with researcher.
2021-09-14: Received confirmation that fix is working, but H2.TE/H2.CL should also be looked at.
2021-09-14: Shared revised fix that includes additional H2.TE mitigations.
2021-09-14: Received confirmation that revised fix is working.
2021-09-16: Completed internal patch review.
2021-09-16: Published patch release and advisory.

Severity ?

8.1 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 (Critical)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "mitmproxy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-39214"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-444"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-09-17T18:30:53Z",
    "nvd_published_at": "2021-09-16T15:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\n\nIn mitmproxy 7.0.2 and below, a malicious client or server is able to perform [HTTP request smuggling](https://en.wikipedia.org/wiki/HTTP_request_smuggling) attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While mitmproxy would only see one request, the target server would see multiple requests. A smuggled request is still captured as part of another request\u0027s body, but it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization.\n\nUnless you use mitmproxy to protect an HTTP/1 service, no action is required.\n\n\n### Patches\n\nThe vulnerability has been fixed in mitmproxy 7.0.3 and above.\n\n\n### Acknowledgements\n\nWe thank Jo\u00e3o Sobral (@chinchila) for responsibly disclosing this vulnerability to the mitmproxy team.\n\n\n### Timeline\n\n- **2021-09-08**: Received initial report for mitmproxy \u003c= 6.0.2.\n- **2021-09-08**: Requested clarification if 7.x is affected.\n- **2021-09-10**: Received additional details, 7.x situation still unclear.\n- **2021-09-13**: Internally determined that 7.x is also affected.\n- **2021-09-13**: Shared initial fix with researcher.\n- **2021-09-14**: Received confirmation that fix is working, but H2.TE/H2.CL should also be looked at.\n- **2021-09-14**: Shared revised fix that includes additional H2.TE mitigations.\n- **2021-09-14**: Received confirmation that revised fix is working.\n- **2021-09-16**: Completed internal patch review.\n- **2021-09-16**: Published patch release and advisory.",
  "id": "GHSA-22gh-3r9q-xf38",
  "modified": "2024-10-01T19:26:44Z",
  "published": "2021-09-20T19:53:30Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-39214"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/mitmproxy/mitmproxy"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/mitmproxy/PYSEC-2021-328.yaml"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Lacking Protection against HTTP Request Smuggling in mitmproxy"
}

OPENSUSE-SU-2023:0233-1

Vulnerability from csaf_opensuse - Published: 2023-08-20 10:01 - Updated: 2023-08-20 10:01

Summary

Security update for python-mitmproxy

Notes

Title of the patch

Security update for python-mitmproxy

Description of the patch

This update for python-mitmproxy fixes the following issues: - CVE-2021-39214: Fixed HTTP smuggling attacks (boo#1190603)

Patchnames

openSUSE-2023-233

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for python-mitmproxy",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for python-mitmproxy fixes the following issues:\n\n- CVE-2021-39214: Fixed HTTP smuggling attacks (boo#1190603)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2023-233",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0233-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2023:0233-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZHDPB364QC7VFC7NPS2RHUKOKVUELUD7/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2023:0233-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZHDPB364QC7VFC7NPS2RHUKOKVUELUD7/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190603",
        "url": "https://bugzilla.suse.com/1190603"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39214 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39214/"
      }
    ],
    "title": "Security update for python-mitmproxy",
    "tracking": {
      "current_release_date": "2023-08-20T10:01:58Z",
      "generator": {
        "date": "2023-08-20T10:01:58Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2023:0233-1",
      "initial_release_date": "2023-08-20T10:01:58Z",
      "revision_history": [
        {
          "date": "2023-08-20T10:01:58Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python3-mitmproxy-3.0.4-bp155.3.3.1.noarch",
                "product": {
                  "name": "python3-mitmproxy-3.0.4-bp155.3.3.1.noarch",
                  "product_id": "python3-mitmproxy-3.0.4-bp155.3.3.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP5",
                "product": {
                  "name": "SUSE Package Hub 15 SP5",
                  "product_id": "SUSE Package Hub 15 SP5"
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-mitmproxy-3.0.4-bp155.3.3.1.noarch as component of SUSE Package Hub 15 SP5",
          "product_id": "SUSE Package Hub 15 SP5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch"
        },
        "product_reference": "python3-mitmproxy-3.0.4-bp155.3.3.1.noarch",
        "relates_to_product_reference": "SUSE Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-mitmproxy-3.0.4-bp155.3.3.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch"
        },
        "product_reference": "python3-mitmproxy-3.0.4-bp155.3.3.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-39214",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39214"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch",
          "openSUSE Leap 15.5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39214",
          "url": "https://www.suse.com/security/cve/CVE-2021-39214"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190603 for CVE-2021-39214",
          "url": "https://bugzilla.suse.com/1190603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch",
            "openSUSE Leap 15.5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch",
            "openSUSE Leap 15.5:python3-mitmproxy-3.0.4-bp155.3.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-08-20T10:01:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39214"
    }
  ]
}

OPENSUSE-SU-2023:0232-1

Vulnerability from csaf_opensuse - Published: 2023-08-20 10:01 - Updated: 2023-08-20 10:01

Summary

Security update for python-mitmproxy

Notes

Title of the patch

Security update for python-mitmproxy

Description of the patch

This update for python-mitmproxy fixes the following issues: - CVE-2021-39214: Fixed HTTP smuggling attacks (boo#1190603)

Patchnames

openSUSE-2023-232

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for python-mitmproxy",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for python-mitmproxy fixes the following issues:\n\n- CVE-2021-39214: Fixed HTTP smuggling attacks (boo#1190603)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2023-232",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0232-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2023:0232-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZWVU67ZHXKSRHY3G2VWT27RUWDQHMIG6/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2023:0232-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZWVU67ZHXKSRHY3G2VWT27RUWDQHMIG6/"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1190603",
        "url": "https://bugzilla.suse.com/1190603"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-39214 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-39214/"
      }
    ],
    "title": "Security update for python-mitmproxy",
    "tracking": {
      "current_release_date": "2023-08-20T10:01:55Z",
      "generator": {
        "date": "2023-08-20T10:01:55Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2023:0232-1",
      "initial_release_date": "2023-08-20T10:01:55Z",
      "revision_history": [
        {
          "date": "2023-08-20T10:01:55Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "python3-mitmproxy-3.0.4-bp154.2.3.1.noarch",
                "product": {
                  "name": "python3-mitmproxy-3.0.4-bp154.2.3.1.noarch",
                  "product_id": "python3-mitmproxy-3.0.4-bp154.2.3.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP4",
                "product": {
                  "name": "SUSE Package Hub 15 SP4",
                  "product_id": "SUSE Package Hub 15 SP4"
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-mitmproxy-3.0.4-bp154.2.3.1.noarch as component of SUSE Package Hub 15 SP4",
          "product_id": "SUSE Package Hub 15 SP4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch"
        },
        "product_reference": "python3-mitmproxy-3.0.4-bp154.2.3.1.noarch",
        "relates_to_product_reference": "SUSE Package Hub 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-mitmproxy-3.0.4-bp154.2.3.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch"
        },
        "product_reference": "python3-mitmproxy-3.0.4-bp154.2.3.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-39214",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-39214"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch",
          "openSUSE Leap 15.4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-39214",
          "url": "https://www.suse.com/security/cve/CVE-2021-39214"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1190603 for CVE-2021-39214",
          "url": "https://bugzilla.suse.com/1190603"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch",
            "openSUSE Leap 15.4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch",
            "openSUSE Leap 15.4:python3-mitmproxy-3.0.4-bp154.2.3.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-08-20T10:01:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2021-39214"
    }
  ]
}

GSD-2021-39214

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-39214

Aliases

CVE-2021-39214

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-39214",
    "description": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.",
    "id": "GSD-2021-39214",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-39214.html",
      "https://security.archlinux.org/CVE-2021-39214"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-39214"
      ],
      "details": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.",
      "id": "GSD-2021-39214",
      "modified": "2023-12-13T01:23:15.855002Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2021-39214",
        "STATE": "PUBLIC",
        "TITLE": "Lacking Protection against HTTP Request Smuggling in mitmproxy"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "mitmproxy",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 7.0.3"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "mitmproxy"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38",
            "refsource": "CONFIRM",
            "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-22gh-3r9q-xf38",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c=7.0.2",
          "affected_versions": "All versions up to 7.0.2",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2021-09-28",
          "description": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required.",
          "fixed_versions": [
            "7.0.3"
          ],
          "identifier": "CVE-2021-39214",
          "identifiers": [
            "CVE-2021-39214",
            "GHSA-22gh-3r9q-xf38"
          ],
          "not_impacted": "All versions after 7.0.2",
          "package_slug": "pypi/mitmproxy",
          "pubdate": "2021-09-16",
          "solution": "Upgrade to version 7.0.3 or above.",
          "title": "Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-39214"
          ],
          "uuid": "499b34f6-b573-4d26-a9a0-ce4761e1fec2"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mitmproxy:mitmproxy:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-39214"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-444"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-09-28T14:21Z",
      "publishedDate": "2021-09-16T15:15Z"
    }
  }
}

FKIE_CVE-2021-39214

Vulnerability from fkie_nvd - Published: 2021-09-16 15:15 - Updated: 2024-11-21 06:18

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38	Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38	Third Party Advisory

Impacted products

	Vendor	Product	Version
	mitmproxy	mitmproxy	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mitmproxy:mitmproxy:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8BF4DAA-4BE5-4F62-9B5C-A230FB0F0832",
              "versionEndIncluding": "7.0.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above."
    },
    {
      "lang": "es",
      "value": "mitmproxy es un proxy interactivo con capacidad de interceptaci\u00f3n SSL/TLS. En mitmproxy versiones 7.0.2 y por debajo, un cliente o servidor malicioso es capaz de llevar a cabo ataques de contrabando de peticiones HTTP mediante mitmproxy. Esto significa que un cliente/servidor malicioso podr\u00eda pasar de contrabando una petici\u00f3n/respuesta mediante mitmproxy como parte del cuerpo del mensaje HTTP de otra petici\u00f3n/respuesta. Mientras que una petici\u00f3n de contrabando sigue siendo capturada como parte del cuerpo de otra petici\u00f3n, no aparece en la lista de peticiones y no pasa por los ganchos de eventos habituales de mitmproxy, donde los usuarios pueden haber implementado comprobaciones de control de acceso personalizadas o saneo de entradas. A menos que se use mitmproxy para proteger un servicio HTTP/1, no es requerida ninguna acci\u00f3n. La vulnerabilidad ha sido corregida en mitmproxy versiones 7.0.3 y superiores"
    }
  ],
  "id": "CVE-2021-39214",
  "lastModified": "2024-11-21T06:18:55.243",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-16T15:15:07.460",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-444"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

PYSEC-2021-328

Vulnerability from pysec - Published: 2021-09-16 15:15 - Updated: 2021-09-23 00:11

Details

Impacted products

Name	purl
mitmproxy	pkg:pypi/mitmproxy

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "mitmproxy",
        "purl": "pkg:pypi/mitmproxy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.10",
        "0.10.1",
        "0.11",
        "0.11.1",
        "0.11.2",
        "0.11.3",
        "0.12.0",
        "0.12.1",
        "0.13",
        "0.14.0",
        "0.15",
        "0.16",
        "0.17",
        "0.18.1",
        "0.18.2",
        "0.18.3",
        "0.8",
        "0.8.1",
        "0.9",
        "0.9.1",
        "0.9.2",
        "1.0.0",
        "1.0.1",
        "1.0.2",
        "2.0.0",
        "2.0.1",
        "2.0.2",
        "3.0.0",
        "3.0.1",
        "3.0.2",
        "3.0.3",
        "3.0.4",
        "4.0.0",
        "4.0.1",
        "4.0.3",
        "4.0.4",
        "5.0.0",
        "5.0.1",
        "5.1.0",
        "5.1.1",
        "5.2",
        "5.3.0",
        "6.0.0",
        "6.0.1",
        "6.0.2",
        "7.0.0",
        "7.0.1",
        "7.0.2"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-39214",
    "GHSA-22gh-3r9q-xf38"
  ],
  "details": "mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response\u0027s HTTP message body. While a smuggled request is still captured as part of another request\u0027s body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.",
  "id": "PYSEC-2021-328",
  "modified": "2021-09-23T00:11:00.900340Z",
  "published": "2021-09-16T15:15:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-22gh-3r9q-xf38"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-39214 (GCVE-0-2021-39214)

GHSA-22GH-3R9Q-XF38

Impact

Patches

Acknowledgements

Timeline

OPENSUSE-SU-2023:0233-1

OPENSUSE-SU-2023:0232-1

GSD-2021-39214

FKIE_CVE-2021-39214

PYSEC-2021-328

Tags

Sightings

Nomenclature