It was discovered that Python incorrectly handled certain character
sequences. A remote attacker could possibly use this issue to perform
CRLF injection.

References

ubuntu.com/security/CVE-2020-26116

ubuntu.com/security/notices/USN-4581-1

nessus 79

ibm 5

photon 5

osv 12

openvas 40

ubuntu 2

amazon 4

redhat 8

cbl_mariner 1

fedora 5

prion 2

debiancve 2

f5 2

suse 4

veracode 1

cloudfoundry 1

cve 2

ubuntucve 2

redhatcve 1

hackerone 1

github 1

debian 2

gentoo 1

alpinelinux 1

oraclelinux 4

centos 1

almalinux 3

rocky 2

cloudlinux 2

archlinux 1

rosalinux 1

mageia 1

nessus

openSUSE Security Update : python (openSUSE-2020-1859)

2020-11-09 00:00:00

openSUSE Security Update : python (openSUSE-2020-1988)

2020-11-23 00:00:00

SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:3115-1)

2020-12-09 00:00:00

ibm

Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-26116

2021-03-11 10:59:38

Security Bulletin: Vulnerability in Open Source Python affects IBM Tivoli Application Dependency Discovery Manager (CVE-2020-26116)

2021-04-12 12:07:52

Security Bulletin: Vulnerability in Python affects IBM Spectrum Protect Plus Microsoft File Systems Agent (CVE-2020-26116)

2021-01-12 21:39:48

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0332

2020-10-14 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0289

2020-10-14 00:00:00

Important Photon OS Security Update - PHSA-2020-0332

2020-10-14 00:00:00

osv

BIT-python-2020-26116

2024-03-06 11:07:36

http.client: HTTP Header Injection in the HTTP method

2020-09-27 00:00:00

CVE-2020-26116

2020-09-27 04:15:11

openvas

SUSE: Security Advisory (SUSE-SU-2020:14550-1)

2021-06-09 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:0299-1)

2021-04-19 00:00:00

Fedora: Security Advisory for python27 (FEDORA-2020-887d3fa26f)

2020-10-17 00:00:00

ubuntu

Python vulnerability

2020-10-14 00:00:00

Python vulnerabilities

2021-03-12 00:00:00

amazon

Medium: python27, python34, python35

2020-11-16 17:59:00

Medium: python

2021-06-16 20:37:00

Medium: python3

2021-06-16 20:37:00

redhat

(RHSA-2021:3366) Moderate: python3 security update

2021-08-31 08:21:02

(RHSA-2022:5235) Moderate: python security update

2022-06-28 07:52:39

(RHSA-2021:1879) Moderate: python38:3.8 security update

2021-05-18 06:18:31

cbl_mariner

CVE-2020-26116 affecting package python3 3.7.7-2

2021-07-08 21:56:42

fedora

[SECURITY] Fedora 32 Update: mingw-python3-3.8.3-7.fc32

2020-11-17 01:14:12

[SECURITY] Fedora 33 Update: python2.7-2.7.18-6.fc33

2020-10-05 16:36:13

[SECURITY] Fedora 32 Update: python27-2.7.18-6.fc32

2020-10-16 15:21:26

prion

Crlf injection

2020-09-27 04:15:00

Crlf injection

2020-09-30 18:15:00

debiancve

CVE-2020-26116

2020-09-27 04:15:00

CVE-2020-26137

2020-09-30 18:15:00

K000133759 : Python vulnerability CVE-2020-26116

2023-05-08 00:00:00

K000133547 : Python urllib3 vulnerability CVE-2020-26137

2023-04-18 00:00:00

suse

Security update for python (moderate)

2020-11-07 00:00:00

Security update for python (moderate)

2020-11-21 00:00:00

Security update for python3 (important)

2020-12-26 00:00:00

veracode

CRLF Injection

2020-10-18 01:59:16

cloudfoundry

USN-4581-1: Python vulnerability | Cloud Foundry

2020-11-19 00:00:00

cve

CVE-2020-26116

2020-09-27 04:15:00

CVE-2020-26137

2020-09-30 18:15:00

ubuntucve

CVE-2020-26116

2020-09-27 00:00:00

CVE-2020-26137

2020-09-30 00:00:00

redhatcve

CVE-2020-26116

2020-10-02 02:06:52

hackerone

Ruby: 'net/http': HTTP Header Injection in the set_content_type method

2021-04-19 09:25:39

github

CRLF injection in urllib3

2021-06-18 18:46:43

debian

[SECURITY] [DLA 2456-1] python3.5 security update

2020-11-19 03:44:39

[SECURITY] [DLA 3610-1] python-urllib3 security update

2023-10-08 11:06:45

gentoo

Python: Multiple vulnerabilities

2021-01-24 00:00:00

alpinelinux

CVE-2020-26137

2020-09-30 18:15:00

oraclelinux

python security update

2022-07-02 00:00:00

python38:3.8 security update

2021-05-25 00:00:00

python3 security update

2021-05-25 00:00:00

centos

python, tkinter security update

2022-08-02 19:15:12

almalinux

Moderate: python38:3.8 security update

2021-05-18 06:18:31

Moderate: python3 security update

2021-05-18 05:42:46

Moderate: python27:2.7 security and bug fix update

2021-05-18 06:02:07

rocky

python38:3.8 security update

2021-05-18 06:18:31

python27:2.7 security and bug fix update

2021-05-18 06:02:07

cloudlinux

Fix of CVE: CVE-2020-26116, CVE-2020-8492, CVE-2018-20852, CVE-2020-27619

2021-10-05 14:07:59

Fix of CVE: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619

2021-09-23 12:55:16

archlinux

[ASA-202103-27] python2: multiple issues

2021-03-25 00:00:00

rosalinux

Advisory ROSA-SA-2023-2203

2023-08-01 12:58:39

mageia

Updated python and python3 packages fix security vulnerabilities

2020-12-08 13:40:32

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

8.6 High

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

69.6%

JSON

Related for OSV:USN-4581-1