Max CVSS | 6.4 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-26137 | 6.4 |
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
|
08-10-2023 - 14:15 | 30-09-2020 - 18:15 | |
CVE-2019-20907 | 5.0 |
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
|
24-05-2023 - 21:15 | 13-07-2020 - 13:15 | |
CVE-2020-26116 | 6.4 |
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
|
24-05-2023 - 21:15 | 27-09-2020 - 04:15 | |
CVE-2020-14422 | 4.3 |
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary
|
16-05-2023 - 02:15 | 18-06-2020 - 14:15 | |
CVE-2020-26137 | 5.0 |
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
|
30-09-2020 - 18:19 | 30-09-2020 - 18:15 | |
CVE-2020-26137 | 5.0 |
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
|
30-09-2020 - 18:19 | 30-09-2020 - 18:15 | |
CVE-2020-26116 | 5.0 |
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
|
27-09-2020 - 22:01 | 27-09-2020 - 04:15 | |
CVE-2020-26116 | 5.0 |
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
|
27-09-2020 - 22:01 | 27-09-2020 - 04:15 | |
CVE-2019-18874 | 5.0 |
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
|
18-11-2019 - 21:15 | 12-11-2019 - 02:15 |