USN-5532-1: Bottle vulnerability
26 July 2022
Bottle could be made to leak sensitive information if it received a specially crafted request.
Releases
Packages
- python-bottle - fast and simple WSGI-framework for Python
Details
It was discovered that Bottle incorrectly handled errors during early request
binding. An attacker could possibly use this issue to disclose sensitive
information. (CVE-2022-31799)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04
Ubuntu 20.04
Ubuntu 18.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5532-2: python-bottle, python-bottle-doc, python3-bottle