Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Python CGIHTTPServer模块CGIHTTPServer.py is_cgi方法信息泄露漏洞
Vulnerability Description
Python是Python软件基金会的一套开源的、面向对象的程序设计语言。该语言具有可扩展、支持模块和包、支持多种平台等特点。 Python 2.5,2.6和3.0版本中的CGIHTTPServer模块的CGIHTTPServer.py中的is_cgi方法中存在信息泄露漏洞。由于该模块没有正确过滤用户提供的输入,导致访问任意脚本内的敏感信息,远程攻击者可以借助HTTP GET请求读取脚本源代码,该请求在URI始端缺少/(斜杠)字符。
CVSS Information
N/A
Vulnerability Type
N/A