6 matches found
Security Bulletin: Vulnerability in urllib3 affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2020-26137, CVE-2020-7212, CVE-2021-33503]
Summary The urllib3 package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2020-26137, CVE-2020-7212, CVE-2021-33503. Vulnerability Details CVEID:CVE-2020-26137 DESCRIPTION: urllib3 is vulnerable to CRLF injection. By inserting...
Security Bulletin: Vulnerability in Python-urllib3 affects IBM Cloud Pak for Data System 2.0 (CPDS2.0)
Summary Python-urllib3 is used by IBM Cloud Pak for Data System 2.0. IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2020-26137,CVE-2020-7212, CVE-2021-33503. Vulnerability Details CVEID:CVE-2020-26137 DESCRIPTION: urllib3 is vulnerable to CRLF injection. By inserting CR an...
adversarial-labeller (=0.1.8), ali-cli (>=0.5.1 <=0.7.2) +223 more potentially affected by CVE-2020-7212 via urllib3 (>=1.25.2 <=1.25.7)
urllib3 PYPI version =1.25.2, =0.5.1, =1.1.28, =0.0.22, =0.0.6, =0.27.1, =0.45.0, =0.1.0, =0.0.1, =0.2.0, =0.0.5, =3.1.0, =0.3.4, =0.3.8 and more Source cves: CVE-2020-7212 Source advisory: OSV:GHSA-HMV2-79Q8-FV6G...
CVE-2020-7212
The encodeinvalidchars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service CPU consumption because of an inefficient algorithm. The percentencodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...
CVE-2020-7212
The encodeinvalidchars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service CPU consumption because of an inefficient algorithm. The percentencodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...
CVE-2020-7212
CVE-2020-7212 concerns urllib3 for Python (versions 1.25.2–1.25.7) with a Denial of Service risk caused by the _encode_invalid_chars implementation in util/url.py. The issue arises from an inefficient algorithm where the percent_encodings collection can grow O(N) for a URL of length N, and the su...