Showing 1 - 1 of 1

CVE-2021-21240

Status Candidate

Overview

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service (CPU burn while parsing header) of the httplib2 client accessing said server. This is fixed in version 0.19.0 which contains a new implementation of auth headers parsing using the pyparsing library.

Related Files

Red Hat Security Advisory 2021-2116-01: Posted May 26, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-2116-01 - A comprehensive HTTP client library that supports many features left out of other HTTP libraries. Issues addressed include crlf injection and denial of service vulnerabilities.; tags | advisory, web, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2020-11078, CVE-2021-21240; SHA-256 | 7eeaefaee72148562bb4d3175050940306bca66918bb6c30a908a5c2c7253ce6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 60 files
Debian 19 files
Gentoo 8 files
Apple 5 files
Google Security Research 4 files
Jann Horn 3 files
Spencer McIntyre 3 files
LiquidWorm 3 files
Pierre Kim 2 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2021-21240

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems