CVE-2019-11236

Опубликовано: 15 апр. 2019

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

CVSS3: 6.1

Описание

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.

Релиз	Статус	Примечание
bionic	released	1.22-1ubuntu0.18.04.1
cosmic	released	1.22-1ubuntu0.18.10.1
devel	released	1.24.1-1ubuntu1
disco	released	1.24.1-1ubuntu0.1
esm-infra-legacy/trusty	released	1.7.1-1ubuntu4.1+esm1
esm-infra/bionic	released	1.22-1ubuntu0.18.04.1
esm-infra/xenial	released	1.13.1-2ubuntu0.16.04.3
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	released	1.7.1-1ubuntu4.1+esm1

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2019-11236

CVSS3: 6.5

redhat

почти 7 лет назад

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.

CVE-2019-11236

CVSS3: 6.1

nvd

больше 6 лет назад

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.

CVE-2019-11236

CVSS3: 6.1

msrc

почти 5 лет назад

In the urllib3 library through 1.24.1 for Python CRLF injection is possible if the attacker controls the request parameter.

CVE-2019-11236

CVSS3: 6.1

debian

больше 6 лет назад

In the urllib3 library through 1.24.1 for Python, CRLF injection is po ...

GHSA-r64q-w8jr-g9qp

CVSS3: 6.1

github

больше 3 лет назад

Improper Neutralization of CRLF Sequences in urllib3 library for Python

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2019-11236

Описание

Пакет python-urllib3

Ссылки на источники

Связанные уязвимости