Количество 25
Количество 25
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-26116
http.client in Python 3.x before 3.5.10 3.6.x before 3.6.12 3.7.x before 3.7.9 and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
CVE-2020-26116
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ...
openSUSE-SU-2020:1988-1
Security update for python
openSUSE-SU-2020:1859-1
Security update for python
SUSE-SU-2021:0341-1
Security update for python-urllib3
SUSE-SU-2021:0299-1
Security update for python-urllib3
SUSE-SU-2020:3262-1
Security update for python3
SUSE-SU-2020:3121-1
Security update for python
SUSE-SU-2020:3115-1
Security update for python
SUSE-SU-2020:14550-1
Security update for python
GHSA-w7gf-rpqw-gx4f
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
BDU:2021-03738
Уязвимость метода HTTP запроса языка программирования Python, связанная с недостатком механизма кодирование или экранирование выходных данных, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
RLSA-2021:1879
Moderate: python38:3.8 security update
ELSA-2022-5235
ELSA-2022-5235: python security update (MODERATE)
ELSA-2021-1879
ELSA-2021-1879: python38:3.8 security update (MODERATE)
RLSA-2021:1761
Moderate: python27:2.7 security and bug fix update
ELSA-2021-1761
ELSA-2021-1761: python27:2.7 security and bug fix update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 7.2 | 1% Низкий | около 5 лет назад |
 | CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 6.5 | 1% Низкий | больше 5 лет назад |
 | CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 7.2 | 1% Низкий | около 5 лет назад |
 | CVE-2020-26116 http.client in Python 3.x before 3.5.10 3.6.x before 3.6.12 3.7.x before 3.7.9 and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 7.2 | 1% Низкий | почти 5 лет назад |
| CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ... | CVSS3: 7.2 | 1% Низкий | около 5 лет назад |
 | openSUSE-SU-2020:1988-1 Security update for python | 1% Низкий | почти 5 лет назад | |
| openSUSE-SU-2020:1859-1 Security update for python | 1% Низкий | почти 5 лет назад | |
| SUSE-SU-2021:0341-1 Security update for python-urllib3 | 1% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:0299-1 Security update for python-urllib3 | 1% Низкий | почти 5 лет назад | |
| SUSE-SU-2020:3262-1 Security update for python3 | 1% Низкий | почти 5 лет назад | |
| SUSE-SU-2020:3121-1 Security update for python | 1% Низкий | около 5 лет назад | |
| SUSE-SU-2020:3115-1 Security update for python | 1% Низкий | около 5 лет назад | |
| SUSE-SU-2020:14550-1 Security update for python | 1% Низкий | почти 5 лет назад | |
| GHSA-w7gf-rpqw-gx4f http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | CVSS3: 7.2 | 1% Низкий | больше 3 лет назад |
 | BDU:2021-03738 Уязвимость метода HTTP запроса языка программирования Python, связанная с недостатком механизма кодирование или экранирование выходных данных, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность | CVSS3: 7.2 | 1% Низкий | около 5 лет назад |
 | RLSA-2021:1879 Moderate: python38:3.8 security update | больше 4 лет назад | ||
| ELSA-2022-5235 ELSA-2022-5235: python security update (MODERATE) | больше 3 лет назад | ||
| ELSA-2021-1879 ELSA-2021-1879: python38:3.8 security update (MODERATE) | больше 4 лет назад | ||
| RLSA-2021:1761 Moderate: python27:2.7 security and bug fix update | больше 4 лет назад | ||
| ELSA-2021-1761 ELSA-2021-1761: python27:2.7 security and bug fix update (MODERATE) | больше 4 лет назад |
Уязвимостей на страницу