Critical severityNVD Advisory· Published Sep 25, 2023· Updated Nov 25, 2025
CVE-2023-41419
CVE-2023-41419
Description
An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
geventPyPI | < 23.9.0 | 23.9.0 |
Affected products
27- Gevent/Geventdescription
- osv-coords26 versionspkg:apk/chainguard/kubeflow-jupyter-web-apppkg:apk/chainguard/kubeflow-volumes-web-apppkg:apk/wolfi/kubeflow-jupyter-web-apppkg:apk/wolfi/kubeflow-volumes-web-apppkg:pypi/geventpkg:rpm/almalinux/python3-geventpkg:rpm/suse/python-gevent&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-gevent&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/python-gevent&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/python-gevent&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/python-gevent&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/python-gevent&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-gevent&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/python-gevent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-gevent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 1.7.0-r4+ 25 more
- (no CPE)range: < 1.7.0-r4
- (no CPE)range: < 1.7.0-r5
- (no CPE)range: < 1.7.0-r4
- (no CPE)range: < 1.7.0-r5
- (no CPE)range: < 23.9.0
- (no CPE)range: < 1.2.2-5.el8_10
- (no CPE)range: < 1.1.2-3.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.2.2-150000.5.3.1
- (no CPE)range: < 1.1.2-3.3.1
- (no CPE)range: < 1.3.5-3.3.1
- (no CPE)range: < 1.1.2-3.3.1
- (no CPE)range: < 1.3.5-3.3.1
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-x7m3-jprg-wc5gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-41419ghsaADVISORY
- www.gevent.org/changelog.htmlghsaWEB
- github.com/gevent/gevent/commit/2f53c851eaf926767fbac62385615efd4886221cghsaWEB
- github.com/gevent/gevent/issues/1989ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/gevent/PYSEC-2023-177.yamlghsaWEB
- lists.debian.org/debian-lts-announce/2025/11/msg00020.htmlghsaWEB
News mentions
0No linked articles in our index yet.