Количество 25
Количество 25
BDU:2021-03738
Уязвимость метода HTTP запроса языка программирования Python, связанная с недостатком механизма кодирование или экранирование выходных данных, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-26116
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ...
openSUSE-SU-2020:1988-1
Security update for python
openSUSE-SU-2020:1859-1
Security update for python
SUSE-SU-2021:0341-1
Security update for python-urllib3
SUSE-SU-2021:0299-1
Security update for python-urllib3
SUSE-SU-2020:3262-1
Security update for python3
SUSE-SU-2020:3121-1
Security update for python
SUSE-SU-2020:3115-1
Security update for python
SUSE-SU-2020:14550-1
Security update for python
GHSA-w7gf-rpqw-gx4f
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
RLSA-2021:1879
Moderate: python38:3.8 security update
ELSA-2022-5235
ELSA-2022-5235: python security update (MODERATE)
ELSA-2021-1879
ELSA-2021-1879: python38:3.8 security update (MODERATE)
RLSA-2021:1761
Moderate: python27:2.7 security and bug fix update
ELSA-2021-1761
ELSA-2021-1761: python27:2.7 security and bug fix update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2021-03738 Уязвимость метода HTTP запроса языка программирования Python, связанная с недостатком механизма кодирование или экранирование выходных данных, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность | CVSS3: 7.2 | 0% Низкий | больше 4 лет назад |
 | CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 7.2 | 0% Низкий | больше 4 лет назад |
 | CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 6.5 | 0% Низкий | больше 5 лет назад |
 | CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 7.2 | 0% Низкий | больше 4 лет назад |
 | CVSS3: 7.2 | 0% Низкий | больше 4 лет назад | |
| CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ... | CVSS3: 7.2 | 0% Низкий | больше 4 лет назад |
 | openSUSE-SU-2020:1988-1 Security update for python | 0% Низкий | больше 4 лет назад | |
| openSUSE-SU-2020:1859-1 Security update for python | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:0341-1 Security update for python-urllib3 | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:0299-1 Security update for python-urllib3 | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2020:3262-1 Security update for python3 | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2020:3121-1 Security update for python | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2020:3115-1 Security update for python | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2020:14550-1 Security update for python | 0% Низкий | больше 4 лет назад | |
| GHSA-w7gf-rpqw-gx4f http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 7.2 | 0% Низкий | около 3 лет назад |
 | RLSA-2021:1879 Moderate: python38:3.8 security update | около 4 лет назад | ||
| ELSA-2022-5235 ELSA-2022-5235: python security update (MODERATE) | почти 3 года назад | ||
| ELSA-2021-1879 ELSA-2021-1879: python38:3.8 security update (MODERATE) | около 4 лет назад | ||
| RLSA-2021:1761 Moderate: python27:2.7 security and bug fix update | около 4 лет назад | ||
| ELSA-2021-1761 ELSA-2021-1761: python27:2.7 security and bug fix update (MODERATE) | около 4 лет назад |
Уязвимостей на страницу