4 matches found
MiracleLinux 8 : python27:2.7 (AXSA:2022-3551:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3551:01 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 python: ftplib should not use the host from the PASV response...
UBUNTU-CVE-2021-37533
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about...
CLSA-2022-1654526367 Fixed CVEs in python-setuptools_scm-6.module_el8.5.0+2050+77770ab7: CVE-2021-4189, CVE-2022-0391, CVE-2021-3733, CVE-2021-3737
CVE-2021-3733: urllib: Regular expression DoS in AbstractBasicAuthHandler rhbz2047376 - CVE-2021-3737: urllib: HTTP client possible infinite loop on a 100 Continue response rhbz2047376 - CVE-2021-4189: ftplib should not use the host from the PASV response rhbz2047376 - CVE-2022-0391: urllib.parse...
CLSA-2022-1653920195 Fixed CVEs in python3: CVE-2021-3737, CVE-2021-3426, CVE-2021-4189, CVE-2022-0391
CVE-2021-3426: Remove the pydoc getfile feature which could lead to information disclosure rhbz1935913 - CVE-2021-3737: urllib: HTTP client possible infinite loop on a 100 Continue response rhbz2036020 - CVE-2021-4189: ftplib should not use the host from the PASV response rhbz2036020 -...