CVERadar

CVE-2024-7592

High Severity · Python
SVRS: 68/100
CVSSv3: 7.5/10
EPSS: 0.00203

CVE-2024-7592 is a denial-of-service vulnerability in the CPython 'http.cookies' standard library module. When a cookie value is double-quoted and contains backslash escapes, the module's unquoting routine re-scans the remainder of the value for every escape it processes, so parsing time grows quadratically with the number of backslashes. A single request carrying a crafted Cookie header can therefore occupy a CPU core for a long time, and a handful of repeated requests can exhaust a server's worker capacity. Any Python web application that hands untrusted Cookie headers to http.cookies, directly or through a framework such as Django, is exposed; no authentication or user interaction is required. CPython itself rates the issue LOW severity, while the NVD CVSS v3.1 score is 7.5 (network-reachable, no privileges, availability impact only) and the SOCRadar Vulnerability Risk Score (SVRS) is 68. The weakness is tracked as CWE-400 (uncontrolled resource consumption) and CWE-1333 (inefficient regular expression complexity). This page carries an 'In The Wild' tag but lists no public exploit or indicator of compromise, so treat the exploitation status as unconfirmed rather than established. The fix is already available in the CPython commits listed under References; until it is deployed, cap Cookie header size, reject backslashes in cookie values, and rate-limit clients that send oversized headers.

Tags: In The Wild
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Published: 2024-08-19
Last updated: 2025-02-05

Description

CVE-2024-7592 is a vulnerability in CPython's 'http.cookies' standard library module that CPython rates LOW severity. It arises when parsing double-quoted cookie values that contain backslash escapes: the unquoting algorithm has quadratic complexity in the number of backslashes, so a crafted value of a few thousand escapes causes excessive CPU usage in the parsing process.
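The following is an added example, not code from this page or from CPython. It reconstructs the shape of the pre-fix http.cookies._unquote() loop beside the single-pass version introduced by the referenced fix commit, instrumented with a scan counter so the quadratic behaviour can be measured deterministically rather than by wall-clock timing. The two functions are modelled on the stdlib logic, not copied verbatim; the names, the counter and the constructed attacker input are mine.

```python
# Added example (not code from this page or from CPython): a reconstruction of
# the pre-fix http.cookies._unquote() loop beside the post-fix single-pass
# version, modelled on the referenced fix commit and instrumented so the
# quadratic behaviour can be measured without relying on wall-clock timing.
import re

# Same escape grammar the module uses: \NNN octal escapes and \<char> escapes.
_OCTAL = re.compile(r"\\[0-3][0-7][0-7]")
_QUOTE = re.compile(r"[\\].")


def unquote_quadratic(value: str) -> tuple[str, int]:
    """Pre-fix style loop. Returns (decoded value, characters scanned).

    Each iteration runs BOTH searches from position i. A failed search scans
    to the end of the string, so a value made of many non-octal escapes makes
    the octal search re-read the whole remaining tail on every escape: O(n^2).
    """
    if len(value) < 2 or value[0] != '"' or value[-1] != '"':
        return value, 0                       # unquoted values are never decoded
    s = value[1:-1]
    i, n, out, scanned = 0, len(s), [], 0
    while 0 <= i < n:
        o = _OCTAL.search(s, i)
        q = _QUOTE.search(s, i)
        scanned += (o.start() if o else n) - i   # work done by the octal search
        scanned += (q.start() if q else n) - i   # work done by the quote search
        if not o and not q:
            out.append(s[i:])                    # no more escapes: copy the tail
            break
        j = o.start() if o else -1
        k = q.start() if q else -1
        if q and (not o or k < j):               # a \<char> escape comes first
            out.append(s[i:k])
            out.append(s[k + 1])
            i = k + 2
        else:                                    # an octal escape comes first
            out.append(s[i:j])
            out.append(chr(int(s[j + 1:j + 4], 8)))
            i = j + 4
    return "".join(out), scanned


# Post-fix style: one regex with both alternatives, applied in a single
# left-to-right re.sub() pass, so each character is examined once: O(n).
_UNQUOTE_SUB = re.compile(r"\\(?:([0-3][0-7][0-7])|(.))").sub


def _replace_escape(m: re.Match) -> str:
    return chr(int(m[1], 8)) if m[1] else m[2]


def unquote_linear(value: str) -> str:
    if len(value) < 2 or value[0] != '"' or value[-1] != '"':
        return value
    return _UNQUOTE_SUB(_replace_escape, value[1:-1])


def malicious_cookie_value(n: int) -> str:
    r"""Constructed attacker input: a quoted value holding n escapes of the
    form \a, none of which is octal, so the octal search always fails."""
    return '"' + "\\a" * n + '"'


def scan_growth(n: int) -> float:
    """Scanned characters at 2n divided by scanned at n.
    About 4 means quadratic; a linear algorithm would give about 2."""
    _, small = unquote_quadratic(malicious_cookie_value(n))
    _, large = unquote_quadratic(malicious_cookie_value(2 * n))
    return large / small


if __name__ == "__main__":
    for n in (100, 1000):
        decoded, work = unquote_quadratic(malicious_cookie_value(n))
        assert decoded == unquote_linear(malicious_cookie_value(n))
        print(f"{n:5d} escapes -> {work:9d} characters scanned by the old loop")
    print(f"growth factor for doubling the input: {scan_growth(500):.2f}")
```

Both functions decode identical output for every input, including mixed octal and character escapes; only the work differs. For n escapes the old loop scans n(n+1) characters, so doubling the input roughly quadruples the cost, which is the signature a profiler would show on an unpatched server handling a crafted Cookie header.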

Key Insights

  • SVRS Score: 42, indicating a moderate risk.
  • Exploit Status: No active exploits have been published.
  • CISA Warnings: None issued.
  • In the Wild: Not actively exploited by hackers.

Mitigation Strategies

  • Update to a CPython release that contains the fix; the several commits listed under References are the fix and its backports to the maintained 3.x branches.
  • Use a web application firewall or reverse proxy to drop requests whose Cookie header is oversized or contains backslashes inside quoted values; RFC 6265 cookie values never legitimately contain a backslash.
  • Validate Cookie headers before they reach http.cookies: cap their length and reject backslash escapes, so the quadratic code path is never entered on untrusted input.
  • Monitor request-handling workers for CPU spikes and elevated latency that correlate with unusually long Cookie headers.
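An added example of the validation and patch-status checks described above; it is not code from this page, from CPython or from any web framework. The guard rejects a Cookie header in linear time before http.cookies ever sees it, and the probe tells you whether the running interpreter already carries the fix. The budget constants are illustrative assumptions, and the probe relies on my reading of the referenced fix commit (that it replaces the module's two search patterns with a single substitution helper named _unquote_sub).

```python
# Added example (not code from this page, CPython or any framework):
# a pre-parse guard for servers that cannot upgrade yet, plus a probe that
# reports whether the running interpreter already carries the fix.
# The budget constants are illustrative assumptions, not values from the page.
import http.cookies

MAX_COOKIE_HEADER_BYTES = 8192   # assumption: typical proxies cap header size near 8 KiB
MAX_BACKSLASHES = 16             # assumption: RFC 6265 cookie values never contain a backslash


class CookieRejected(ValueError):
    """Raised when a Cookie header is refused before parsing."""


def parse_cookie_header(header: str) -> dict[str, str]:
    """Parse a Cookie header with http.cookies only after cheap O(n) checks.

    Only double-quoted values reach the module's backslash unquoting, and a
    backslash is not a legal cookie-octet under RFC 6265, so a plain count of
    backslashes over the whole header is a safe, linear-time budget check.
    """
    if len(header) > MAX_COOKIE_HEADER_BYTES:
        raise CookieRejected(f"Cookie header is {len(header)} bytes")
    backslashes = header.count("\\")
    if backslashes > MAX_BACKSLASHES:
        raise CookieRejected(f"{backslashes} backslashes in Cookie header")
    jar = http.cookies.SimpleCookie()
    jar.load(header)
    return {name: morsel.value for name, morsel in jar.items()}


def is_rejected(header: str) -> bool:
    """True if the guard refuses the header instead of parsing it."""
    try:
        parse_cookie_header(header)
    except CookieRejected:
        return True
    return False


def interpreter_has_fix() -> bool:
    """Feature-probe the installed http.cookies instead of comparing versions.

    Assumption, based on reading the referenced fix commit: the fix replaces
    the two module-level search patterns (_OctalPatt, _QuotePatt) with a
    single substitution helper (_unquote_sub). Distributions that backport the
    fix keep the old version string, which is why a version check is unreliable.
    """
    return hasattr(http.cookies, "_unquote_sub") and not hasattr(http.cookies, "_QuotePatt")


if __name__ == "__main__":
    print("interpreter carries the fix:", interpreter_has_fix())
    print(parse_cookie_header('session=abc123; theme="dark"'))
    # Constructed attacker header: thousands of \a escapes inside a quoted value.
    evil = 'x="' + "\\a" * 5000 + '"'
    print("attacker header rejected before parsing:", is_rejected(evil))
```

Put the guard at the single place your framework turns the raw Cookie header into a cookie object, or express the same two limits as a header-size and content rule on the reverse proxy; both checks are linear in the header length, so the guard itself cannot become the new hot spot.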


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

Daily Summary - 13.12.2024
CERT.at · 2025-02-01
Daily Summary - 13.12.2024 | End-of-day report. Timeframe: Thursday 12-12-2024 18:00 - Friday 13-12-2024 18:05. Handler: Michael Schlagenhaufer. Co-Handler: n/a. News: Social engineering after mail bombing. Rapid7 recently published a blog post on the modus operandi of a ransomware group; we have since heard from several companies in Austria that have had to observe this attack pattern themselves: first, an employee of the target company is flooded with e-mail, in many cases legitimate newsletters which, in bulk, are a real problem
cert.at
USN-7015-6: Python regressions
2024-11-22
USN-7015-6: Python regressions | USN-7015-5 fixed vulnerabilities in python2.7. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE-2024-6232) It
ubuntu.com
USN-7015-5: Python vulnerabilities
2024-11-20
USN-7015-5: Python vulnerabilities | USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 and CVE-2024-6923 for python2.7 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use
ubuntu.com
USN-7015-4: Python vulnerability
2024-10-14
USN-7015-4: Python vulnerability | USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2023-27043 for python2.7 and python3.5 in Ubuntu 14.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. (CVE
ubuntu.com
USN-7015-3: Python vulnerability
2024-10-01
USN-7015-3: Python vulnerability | USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding updates for CVE-2023-27043 for python2.7 in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and for python3.5 in Ubuntu 16.04 LTS. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. (CVE-2023-27043) It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use
Tags: CVE-2024-7592, CVE-2023-27043, CVE-2024-8088
ubuntu.com

Social Media

🚨 Lambda Watchdog detected a new MEDIUM severity CVE 🚨 CVE-2024-7592 was detected in the latest AWS Lambda image scan affecting the python package in 18 images. Check the full report 👉 https://t.co/6EUGaPyRZk #AWS #Lambda #CVE #CloudSecurity #Serverless

🚨 Last week’s Python minor update includes a patch for CVE-2024-7592—a vulnerability I reported to the Python Security team. This flaw could trigger a DoS via certain methods in the 'http.cookies' module, impacting all Django servers exposed online. https://t.co/CHKHMhbfnV

CVE-2024-7592 There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for … https://t.co/qrvUAJMd7A

Affected Software

Configuration 1
Type: App · Vendor: Python · Product: python

References

https://github.com/python/cpython/issues/123067
https://github.com/python/cpython/pull/123075
https://mail.python.org/archives/list/[email protected]/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK/
https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621
https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef
https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06
https://github.com/python/cpython/commit/b2f11ca7667e4d57c71c1c88b255115f16042d9a
https://github.com/python/cpython/commit/d4ac921a4b081f7f996a5d2b101684b67ba0ed7f
https://github.com/python/cpython/commit/d662e2db2605515a767f88ad48096b8ac623c774
https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1
https://security.netapp.com/advisory/ntap-20241018-0006/ (NetApp advisory)

CWE Details

CWE ID | CWE Name | Description
CWE-1333 | Inefficient Regular Expression Complexity | The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
CWE-400 | Uncontrolled Resource Consumption | The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
