The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4151 advisory.

  - In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content     retrieved via HTTP. (CVE-2020-27619)

  - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before     3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and     urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query     parameters using a semicolon (;), they can cause a difference in the interpretation of the request between     the proxy (running with default configuration) and the server. This can result in malicious requests being     cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and     therefore would not include it in a cache key of an unkeyed parameter. (CVE-2021-23336)

  - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn     by its CNA. Notes: none (CVE-2021-20095)

  - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing     serialized Python objects) via directory traversal, leading to code execution. (CVE-2021-42771)

  - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when     performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only     contains the exception keyword. (CVE-2021-20270)

  - In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular     expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are     vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service.
    (CVE-2021-27291)

  - This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the     `_punctuation_re regex` operator and its use of multiple wildcards. The last wildcard is the most     exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to format     user content instead of the urlize filter, or by implementing request timeouts and limiting process     memory. (CVE-2020-28493)

  - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling     the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute     allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS     code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3.
    (CVE-2021-28957)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 8 : python27:2.7 (ELSA-2021-4151)

critical Nessus Plugin ID 155987

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.4

Version 1.8 Nov 2, 2024, 2:28 AM CVSS metrics ("Cvssv4 score" set to 9.3) CVSS metrics ("Cvssv4 supplemental" set to none) Detection (updated detection logic) Plugin Feed: 202411020228
Version 1.7 Oct 23, 2024, 7:37 AM CVSS metrics ("Cvssv4 threat vector" set to "CVSS:4.0/E:P") Plugin Feed: 202410230737
Version 1.6 Oct 23, 2024, 12:00 AM CVE (set "CVE" coverage to "CVE-2020-27619,CVE-2020-28493,CVE-2021-20095,CVE-2021-20270,CVE-2021-23336,CVE-2021-27291,CVE-2021-28957,CVE-2021-42771") CVSS metrics ("Cvssv4 score" set to 9.3) CVSS metrics ("Cvssv4 supplemental" set to "CVSS:4.0/U:Red") CVSS metrics ("Cvssv4 vector" set to "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N") Detection (updated detection logic) Plugin metadata Plugin Feed: 202410230000
Version 1.5 Jan 16, 2024, 5:39 PM CVE (Removed rejected CVE) Plugin Feed: 202401161739
Version 1.4 Nov 22, 2023, 2:15 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202311221415
Version 1.4 Jan 16, 2024, 3:43 PM CVE (Removed rejected CVE) Plugin Feed: 202401161543