Lucene search

K
osvGoogleOSV:PSF-2022-7
HistoryMar 04, 2022 - 12:00 a.m.

CVE-2021-3737: urllib HTTP client possible infinite loop on a 100 Continue response

2022-03-0400:00:00
Google
osv.dev
15
cve-2021-3737
urllib
http client
infinite loop
remote attacker
system availability
cpu time

AI Score

7.6

Confidence

High

EPSS

0.016

Percentile

87.3%

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.