Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-26116

Опубликовано: 27 сент. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.4
CVSS3: 7.2

Описание

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

DNE

esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

not-affected

code not present
esm-infra/xenial

not-affected

code not present
focal

not-affected

code not present
groovy

ignored

end of life
hirsute

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

3.4.3-1ubuntu1~14.04.7+esm8
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

3.5.2-2ubuntu0~16.04.4~14.04.1+esm1
esm-infra/focal

DNE

esm-infra/xenial

not-affected

3.5.2-2ubuntu0~16.04.12
focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

released

3.6.9-1~18.04ubuntu1.3
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

3.6.9-1~18.04ubuntu1.3
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

DNE

esm-apps/bionic

released

3.7.5-2ubuntu1~18.04.2+esm3
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

DNE

esm-apps/bionic

released

3.8.0-3ubuntu1~18.04.2+esm2
esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

focal

not-affected

groovy

not-affected

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/focal

not-affected

3.9.0-5~20.04
esm-infra-legacy/trusty

DNE

focal

not-affected

3.9.0-5~20.04
groovy

not-affected

3.9.0-5
hirsute

not-affected

3.9.0-5
impish

not-affected

3.9.0-5
jammy

DNE

kinetic

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.00513
Низкий

6.4 Medium

CVSS2

7.2 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-26116

CVSS3: 6.5
redhat
больше 5 лет назад

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

nvd логотип

CVE-2020-26116

CVSS3: 7.2
nvd
больше 4 лет назад

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

msrc логотип

CVE-2020-26116

CVSS3: 7.2
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-26116

CVSS3: 7.2
debian
больше 4 лет назад

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ...

suse-cvrf логотип

openSUSE-SU-2020:1988-1

suse-cvrf
больше 4 лет назад

Security update for python

EPSS

Процентиль: 66%
0.00513
Низкий

6.4 Medium

CVSS2

7.2 High

CVSS3

Уязвимость CVE-2020-26116