CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2021/06/06 1:54 a.m.•151 views

CVE-2021-33503

A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. This flaw causes a denial of service if a URL is passed as a parameter or redirected via an HTTP redirect. T...

7.5CVSS0.9AI score0.03273EPSS

Photon•added 2021/06/02 12:0 a.m.•56 views

Important Photon OS Security Update - PHSA-2021-0246

Updates of 'python-urllib3', 'libxml2' packages of Photon OS have been released...

7.5CVSS1.7AI score0.0828EPSS

Exploits1

Photon•added 2021/06/02 12:0 a.m.•52 views

Important Photon OS Security Update - PHSA-2021-3.0-0246

Updates of 'python-urllib3', 'libxml2' packages of Photon OS have been released...

5.8AI score

Exploits0

Tenable Nessus•added 2021/05/26 12:0 a.m.•59 views

Oracle Linux 8 : python-urllib3 (ELSA-2021-1631)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-1631 advisory. 1.24.2-5.0.1 - set RECENTDATE to 01/30/2019 to make checks happy Orabug: 30228991 1.24.2-5 - Security fix for CVE-2020-26137 Resolves: rhbz1883889 Tenable has...

Tenable Nessus•added 2021/05/19 12:0 a.m.•48 views

CentOS 8 : python-urllib3 (CESA-2021:1631)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:1631 advisory. - python-urllib3: CRLF injection via HTTP request method CVE-2020-26137 Note that Nessus has not tested for this issue but has instead relied only on the...

6.5CVSS7.6AI score0.02199EPSS

Tenable Nessus•added 2021/05/19 12:0 a.m.•46 views

RHEL 8 : python-urllib3 (RHSA-2021:1631)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:1631 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: CRLF...

6.5CVSS7.6AI score0.02199EPSS

Exploits0References6

RedHat Linux•added 2021/05/18 3:33 p.m.•5 views

python-urllib3: CRLF injection via HTTP request method

A flaw was found in python-urllib3. The HTTPConnection.request does not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation of the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrit...

6.5CVSS6.7AI score0.02199EPSS

RedHat Linux•added 2021/05/18 3:33 p.m.•190 views

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

6.5CVSS6.9AI score0.02199EPSS

Exploits0References3

Rockylinux•added 2021/05/18 6:24 a.m.•15 views

new module: python39:3.9

An update is available for python-more-itertools, pytest, python-psycopg2, python-lxml, python-PyMySQL, python3x-six, python-toml, python-urllib3, PyYAML, python-attrs, python-iniconfig, python-requests, modwsgi, python3x-pip, python-py, python-chardet, python-pluggy, Cython, python-psutil,...

0.2AI score

Exploits0

OSV•added 2021/05/18 5:42 a.m.•35 views

RLSA-2021:1631 Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: CRLF injection via HTTP request method CVE-2020-26137 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

AlmaLinux•added 2021/05/18 5:42 a.m.•67 views

Moderate: python-urllib3 security update

Rockylinux•added 2021/05/18 5:42 a.m.•43 views

python-urllib3 security update

An update is available for python-urllib3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The python-urllib3 package provides the Python HTTP module with...

OpenVAS•added 2021/05/03 12:0 a.m.•8 views

Exploits0

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2021-1842)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.02813EPSS

Tenable Nessus•added 2021/04/30 12:0 a.m.•38 views

EulerOS 2.0 SP3 : python-urllib3 (EulerOS-SA-2021-1842)

According to the version of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS stor...

7.5CVSS6.9AI score0.02813EPSS

RedHat Linux•added 2021/04/21 8:24 p.m.•2 views

python-urllib3: HTTPS proxy host name not validated when using default SSLContext

A flaw was found in python-urllib3. SSL certificate validation is omitted in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy if an SSLContext isn't given via proxyconfig doesn't verify the hostname of the certificate. This means certificates for different...

6.5CVSS6.8AI score0.02109EPSS