CVE-2021-29476

Опубликовано: 27 апр. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Requests is a HTTP library written in PHP. Requests mishandles deserialization in FilteredIterator. The issue has been patched and users of Requests 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0.

Ссылки

https://github.com/WordPress/Requests/security/advisories/GHSA-52qp-jpq7-6c54
Third Party Advisory
https://github.com/rmccue/Requests/pull/421
Patch
Third Party Advisory
https://github.com/WordPress/Requests/security/advisories/GHSA-52qp-jpq7-6c54
Third Party Advisory
https://github.com/rmccue/Requests/pull/421
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wordpress:requests:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:requests:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:wordpress:requests:1.7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02219

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-502

Связанные уязвимости

CVE-2021-29476

CVSS3: 9.8

ubuntu

почти 5 лет назад

Requests is a HTTP library written in PHP. Requests mishandles deserialization in FilteredIterator. The issue has been patched and users of `Requests` 1.6.0, 1.6.1 and 1.7.0 should update to version 1.8.0.

CVE-2021-29476

CVSS3: 9.8

debian

почти 5 лет назад

Requests is a HTTP library written in PHP. Requests mishandles deseria ...

GHSA-52qp-jpq7-6c54

CVSS3: 9.8

github

почти 5 лет назад

Insecure Deserialization of untrusted data in rmccue/requests

EPSS

Процентиль: 84%

0.02219

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-502