Showing 1 - 4 of 4

CVE-2020-26137

Status Candidate

Overview

urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.

Related Files

Red Hat Security Advisory 2021-0079-01: Posted Jan 20, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0079-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. Issues addressed include crlf injection and man-in-the-middle vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2019-11840, CVE-2020-26137, CVE-2020-8554; MD5 | 889d390eab1057d92e07376a987128af; Download | Favorite | View

Red Hat Security Advisory 2021-0034-01: Posted Jan 20, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0034-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection, crlf injection, and information leakage vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2020-2304, CVE-2020-2305, CVE-2020-2306, CVE-2020-2307, CVE-2020-2308, CVE-2020-2309, CVE-2020-26137; MD5 | e62587459bb9d69e6473529a4b2a2763; Download | Favorite | View

Red Hat Security Advisory 2020-4299-01: Posted Oct 21, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4299-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, denial of service, and double free vulnerabilities.; tags | advisory, denial of service, vulnerability, python; systems | linux, redhat; advisories | CVE-2019-18874, CVE-2019-20907, CVE-2020-14422, CVE-2020-26116, CVE-2020-26137; MD5 | 89a9cb754fbb97802d7fe82be6995570; Download | Favorite | View

Ubuntu Security Notice USN-4570-1: Posted Oct 5, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4570-1 - It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.; tags | advisory, remote; systems | linux, ubuntu; advisories | CVE-2020-26137; MD5 | 94d0262eabdbd307023dc56562e3ca2e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 97 files
malvuln 60 files
Ubuntu 52 files
Google Security Research 15 files
Erik David Martin 9 files
Gentoo 5 files
Apple 5 files
Jeenali Kothari 4 files
Richard Jones 4 files
Tim Willis 4 files

File Archives

Systems

AIX (421)
Apple (1,774)
BSD (368)
Cisco (1,902)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,040)
HPUX (873)
iOS (284)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,463)
Mac OS X (673)
Mandriva (3,105)
NetBSD (255)
OpenBSD (472)
RedHat (9,691)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,138)
UNIX (8,846)
UnixWare (180)
Windows (5,815)
Other

CVE-2020-26137

Overview

Related Files

File Archive:

February 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems