Lucene search
K

5 matches found

NVD
NVD
added 2021/02/08 8:15 p.m.35 views

CVE-2021-21240

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

7.5CVSS0.03876EPSS
Exploits1References4
Prion
Prion
added 2021/02/08 8:15 p.m.22 views

Code injection

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

5CVSS7.3AI score0.03876EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/02/08 8:15 p.m.68 views

PYSEC-2021-16

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

7.5CVSS2.8AI score0.03876EPSS
Exploits1References4
CVE
CVE
added 2021/02/08 7:45 p.m.242 views

CVE-2021-21240

CVE-2021-21240 affects httplib2 prior to 0.19.0. A malicious server can send a WWW-Authenticate header containing a long sequence of non-breaking spaces (\xa0), causing a Denial of Service by CPU-intensive header parsing. The root cause is in how httplib2 parses auth headers; a fix was implemente...

7.5CVSS7.4AI score0.03876EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/02/08 7:41 p.m.27 views

GHSA-93XJ-8MRV-444M Regular Expression Denial of Service (REDoS) in httplib2

Impact A malicious server which responds with long series of \xa0 characters in the www-authenticate header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said server. Patches Version 0.19.0 contains new implementation of auth headers parsing, using...

8.7CVSS7.5AI score0.03876EPSS
Exploits1References7
Rows per page
Query Builder