{"containers": {"cna": {"providerMetadata": {"dateUpdated": "2019-06-03T19:04:24", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "rejectedReasons": [{"lang": "en", "value": "Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 \"Independently Fixable\" in the CVE Counting Decisions"}]}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-1752", "datePublished": "2019-06-03T19:04:24", "dateRejected": "2019-06-03T19:04:24", "dateReserved": "2013-02-15T00:00:00", "dateUpdated": "2019-06-03T19:04:24", "state": "REJECTED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 \"Independently Fixable\" in the CVE Counting Decisions"}], "id": "CVE-2013-1752", "lastModified": "2023-11-07T02:14:48.750", "metrics": {}, "published": "2019-06-03T20:15:09.487", "references": [], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Rejected"}

{"affected_release": [{"advisory": "RHSA-2015:1330", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "python-0:2.6.6-64.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-20T00:00:00Z"}, {"advisory": "RHSA-2015:2101", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "python-0:2.7.5-34.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-11-19T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-0:1.1-17.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-0:2.7.8-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-pip-0:1.5.6-5.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-setuptools-0:0.9.8-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-simplejson-0:3.2.0-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-wheel-0:0.24.0-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-0:1.1-17.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-0:2.7.8-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-pip-0:1.5.6-5.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-setuptools-0:0.9.8-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-simplejson-0:3.2.0-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-wheel-0:0.24.0-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-0:1.1-17.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-0:2.7.8-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-pip-0:1.5.6-5.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-setuptools-0:0.9.8-3.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-simplejson-0:3.2.0-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "python27-python-wheel-0:0.24.0-2.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "python27-0:1.1-20.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "python27-python-0:2.7.8-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "python27-python-pip-0:1.5.6-5.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "python27-python-setuptools-0:0.9.8-5.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "python27-python-simplejson-0:3.2.0-3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}, {"advisory": "RHSA-2015:1064", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "python27-python-wheel-0:0.24.0-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2015-06-04T00:00:00Z"}], "bugzilla": {"description": "python: multiple unbound readline() DoS flaws in python stdlib", "id": "1046174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1046174"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-400", "details": ["It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory."], "name": "CVE-2013-1752", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "python", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "redhat-support-lib-python", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "jython", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "redhat-support-lib-python", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "redhat-support-lib-python", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "jython-eap6", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:4.3", "fix_state": "Will not fix", "package_name": "jython", "product_name": "Red Hat JBoss SOA Platform 4.3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:5", "fix_state": "Will not fix", "package_name": "jython", "product_name": "Red Hat JBoss SOA Platform 5"}, {"cpe": "cpe:/a:redhat:openshift:2", "fix_state": "Will not fix", "package_name": "jython", "product_name": "Red Hat OpenShift Enterprise 2"}, {"cpe": "cpe:/a:redhat:network_satellite:5.4", "fix_state": "Will not fix", "package_name": "jython", "product_name": "Red Hat Satellite 5.4"}, {"cpe": "cpe:/a:redhat:network_satellite:5.5", "fix_state": "Will not fix", "package_name": "jython", "product_name": "Red Hat Satellite 5.5"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:1", "fix_state": "Affected", "package_name": "python27-python", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Will not fix", "package_name": "python33-python", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "rh-python34-python", "product_name": "Red Hat Software Collections"}], "public_date": "2012-09-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-1752\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-1752"], "statement": "Red Hat JBoss SOA Platform 5 is now in Maintenance Support phase receiving only qualified Important and Critical impact security fixes; and Red Hat JBoss SOA Platform 4.3 is now in Extended Life Support phase receiving only Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat JBoss Middleware Product Life Cycle: https://access.redhat.com/support/policy/updates/jboss_notes/", "threat_severity": "Moderate", "upstream_fix": "python 3.2.6, python 3.3.4, python 3.4.0"}