Lucene search

K
cvelistRedhatCVELIST:CVE-2021-3737
HistoryMar 04, 2022 - 12:00 a.m.

CVE-2021-3737

2022-03-0400:00:00
CWE-835
redhat
www.cve.org
23
python
http
remote attacker
infinite loop
system availability

AI Score

7.8

Confidence

High

EPSS

0.016

Percentile

87.3%

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "python",
    "versions": [
      {
        "version": "Fixed in python v3.6.14, python v3.7.11, python v3.8.11, python v3.9.6, python v3.10.0b2",
        "status": "affected"
      }
    ]
  }
]