2 matches found
CVE-2021-23336
CVE-2021-23336 affects Python CPython across multiple branches (0 and before 3.6.13; 3.7.0 before 3.7.10; 3.8.0 before 3.8.8; 3.9.0 before 3.9.2). The vulnerability is Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs using parameter cloaking with semicolons, causing the pr...
CVE-2020-24977
CVE-2020-24977 affects GNOME libxml2 up to version 2.9.10. The issue is a global buffer over-read in xmlEncodeEntitiesInternal (libxml2/entities.c), which can lead to information disclosure or crash conditions. The vulnerability was fixed in the commit 50f06b3e. Connected advisories corroborate l...