Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-x85f-j5v8-5vrv

Опубликовано: 21 янв. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 6

Описание

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.

Ссылки

EPSS

Процентиль: 33%
0.00136
Низкий

6 Medium

CVSS4

CVE ID

CVE-2026-0672

Дефекты

CWE-93

Связанные уязвимости

ubuntu логотип

CVE-2026-0672

ubuntu
2 месяца назад

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.

redhat логотип

CVE-2026-0672

CVSS3: 4.8
redhat
2 месяца назад

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.

nvd логотип

CVE-2026-0672

nvd
2 месяца назад

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.

debian логотип

CVE-2026-0672

debian
2 месяца назад

When using http.cookies.Morsel, user-controlled cookie values and para ...

suse-cvrf логотип

SUSE-SU-2026:0590-1

suse-cvrf
около 1 месяца назад

Security update for python

EPSS

Процентиль: 33%
0.00136
Низкий

6 Medium

CVSS4

CVE ID

CVE-2026-0672

Дефекты

CWE-93