Critical severity · NVD Advisory · Published May 29, 2022 · Updated Aug 3, 2024
CVE-2022-31799
Description
Bottle before 0.12.20 mishandles errors during early request binding.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| bottle (PyPI) | < 0.12.20 | 0.12.20 |
Affected products (26)
- Bottle/Bottle (description)
- ghsa-coords, 25 versions: < 0.12.20 + 24 more
- (no CPE) range: < 0.12.20
- (no CPE) range: < 0.12.13-150000.3.6.1
References (12)
- github.com/advisories/GHSA-xhp9-4947-rq78 (ghsa, ADVISORY)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD/ (mitre, vendor-advisory, x_refsource_FEDORA)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F/ (mitre, vendor-advisory, x_refsource_FEDORA)
- nvd.nist.gov/vuln/detail/CVE-2022-31799 (ghsa, ADVISORY)
- www.debian.org/security/2022/dsa-5159 (ghsa, vendor-advisory, x_refsource_DEBIAN, WEB)
- github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c (ghsa, x_refsource_MISC, WEB)
- github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00 (ghsa, x_refsource_MISC, WEB)
- github.com/bottlepy/bottle/compare/0.12.19...0.12.20 (ghsa, x_refsource_MISC, WEB)
- github.com/pypa/advisory-database/tree/main/vulns/bottle/PYSEC-2022-227.yaml (ghsa, WEB)
- lists.debian.org/debian-lts-announce/2022/06/msg00010.html (ghsa, mailing-list, x_refsource_MLIST, WEB)
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IE7U6J45PUEXIYYVWJKPM6QXIRKDK4HD (ghsa, WEB)
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KTLOQGMDZEPIYTFC2G53OQV2ULCGYS3F (ghsa, WEB)