Опубликовано: 15 апр. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.1
Описание
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.22-1ubuntu0.18.04.1 |
| cosmic | released | 1.22-1ubuntu0.18.10.1 |
| devel | released | 1.24.1-1ubuntu1 |
| disco | released | 1.24.1-1ubuntu0.1 |
| esm-infra-legacy/trusty | not-affected | 1.7.1-1ubuntu4.1+esm1 |
| esm-infra/bionic | not-affected | 1.22-1ubuntu0.18.04.1 |
| esm-infra/xenial | not-affected | 1.13.1-2ubuntu0.16.04.3 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | released | 1.7.1-1ubuntu4.1+esm1 |
Показывать по
10
EPSS
Процентиль: 69%
0.00636
Низкий
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.5
redhat
больше 6 лет назад
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVSS3: 6.1
nvd
около 6 лет назад
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
CVSS3: 6.1
debian
около 6 лет назад
In the urllib3 library through 1.24.1 for Python, CRLF injection is po ...
CVSS3: 6.1
github
около 3 лет назад
Improper Neutralization of CRLF Sequences in urllib3 library for Python
EPSS
Процентиль: 69%
0.00636
Низкий
4.3 Medium
CVSS2
6.1 Medium
CVSS3