Test ID:	1.3.6.1.4.1.25623.1.1.2.2022.1548
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for python (EulerOS-SA-2022-1548)
Summary:	The remote host is missing an update for the Huawei EulerOS 'python' package(s) announced via the EulerOS-SA-2022-1548 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'python' package(s) announced via the EulerOS-SA-2022-1548 advisory. Vulnerability Insight: A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks.CVE-2022-0391) Affected Software/OS: 'python' package(s) on Huawei EulerOS V2.0SP5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-0391 https://security.netapp.com/advisory/ntap-20220225-0009/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/ https://security.gentoo.org/glsa/202305-02 https://bugs.python.org/issue43882 https://www.oracle.com/security-alerts/cpuapr2022.html https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.