what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

CVE-2021-3737

Status Candidate

Overview

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

Related Files

Red Hat Security Advisory 2022-5673-01
Posted Jul 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5673-01 - Red Hat OpenStack Platform 16.2 (Train) director operator containers, with several Important security fixes, are available for technology preview. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-3634, CVE-2021-3737, CVE-2021-40528, CVE-2021-41103, CVE-2021-4189, CVE-2021-43565, CVE-2022-1271, CVE-2022-1621, CVE-2022-1629, CVE-2022-22576, CVE-2022-25313, CVE-2022-25314, CVE-2022-26945, CVE-2022-27774
SHA-256 | e6a4b0b59b2757ea6ef380429f73c2819e182dbd4e1d06bf09b8c22eac8f952b
Red Hat Security Advisory 2022-5188-01
Posted Jun 27, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5188-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23222, CVE-2021-25219, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-4189, CVE-2022-1154, CVE-2022-1271, CVE-2022-1902
SHA-256 | de99e1a865995c3cb23cb50bcf37b75b678a3a66147e77f88143a4717bf81758
Red Hat Security Advisory 2022-5132-01
Posted Jun 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23177, CVE-2021-23222, CVE-2021-25219, CVE-2021-31566, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-4189, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-1902, CVE-2022-24407
SHA-256 | bfca0ba942391c6a43c9f8d48bf4d26fb94e10f853c2bf23fb873d2cf0db5c07
Red Hat Security Advisory 2022-5006-01
Posted Jun 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5006-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-25219, CVE-2021-3634, CVE-2021-3737, CVE-2021-38185, CVE-2021-3981, CVE-2021-4189, CVE-2021-43813, CVE-2022-1154, CVE-2022-1271, CVE-2022-1650, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806, CVE-2022-24675, CVE-2022-24785, CVE-2022-28327, CVE-2022-29224, CVE-2022-29225, CVE-2022-29226, CVE-2022-29228, CVE-2022-31045
SHA-256 | 6f6ba67471416e8a7e06343894cacbc3dcadc86799322067063a37ae1ba3d122
Red Hat Security Advisory 2022-4985-01
Posted Jun 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4985-01 - New Cryostat 2.1.1 on RHEL 8 container images have been released, containing bug fixes and addressing security vulnerabilities. Issues addressed include a deserialization vulnerability.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-4189, CVE-2022-25647, CVE-2022-28948
SHA-256 | 29ff927b4e6efd73257365583c3736b94f307003c4ae5533fe580bcab4812753
Red Hat Security Advisory 2022-4956-01
Posted Jun 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4956-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues. Issues addressed include privilege escalation and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-0404, CVE-2020-13974, CVE-2020-19131, CVE-2020-27820, CVE-2020-4788, CVE-2021-0941, CVE-2021-20322, CVE-2021-21781, CVE-2021-26401, CVE-2021-29154, CVE-2021-3612, CVE-2021-3634, CVE-2021-3669, CVE-2021-37159, CVE-2021-3737, CVE-2021-3743, CVE-2021-3744, CVE-2021-3752, CVE-2021-3759, CVE-2021-3764, CVE-2021-3772, CVE-2021-3773, CVE-2021-3918, CVE-2021-4002, CVE-2021-4037, CVE-2021-4083, CVE-2021-41190, CVE-2021-4157
SHA-256 | 878315e02041e8cdde9d1b5e67ed064f3cf0e6605b2eb860d63e94f3d703f519
Red Hat Security Advisory 2022-4671-01
Posted Jun 3, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4671-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | 1a7182c8803733e24a2f52a38dc6173bf272d5ad45772e1226fe7c4a018efefe
Red Hat Security Advisory 2022-4880-01
Posted Jun 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4880-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug fixes and feature improvements. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-23222, CVE-2021-23820, CVE-2021-25219, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-41190, CVE-2021-4189, CVE-2022-1154, CVE-2022-1271
SHA-256 | c63643705f44dff2556cecc50e362faec1c7302c8cda104e2a0666de9f499543
Red Hat Security Advisory 2022-4863-01
Posted Jun 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4863-01 - OpenShift Serverless version 1.22.1 contains a moderate security impact.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-4189, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806
SHA-256 | dda02360413f1824abefb4a0bce3718b9ecc6ba04a0192343b6453bd7257ab9c
Red Hat Security Advisory 2022-4814-01
Posted May 31, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4814-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include denial of service and memory exhaustion vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2020-0404, CVE-2020-13974, CVE-2020-19131, CVE-2020-27820, CVE-2020-35492, CVE-2020-4788, CVE-2021-0941, CVE-2021-20322, CVE-2021-21781, CVE-2021-26401, CVE-2021-29154, CVE-2021-3612, CVE-2021-3634, CVE-2021-3669, CVE-2021-37159, CVE-2021-3737, CVE-2021-3743, CVE-2021-3744, CVE-2021-3752, CVE-2021-3759, CVE-2021-3764, CVE-2021-3772, CVE-2021-3773, CVE-2021-3807, CVE-2021-39293, CVE-2021-4002
SHA-256 | de3fa8ee040cf6c28c1affa37a50086f48d77a4fce95eaf6d26445098ef47a20
Red Hat Security Advisory 2022-4690-01
Posted May 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4690-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-25219, CVE-2021-3634, CVE-2021-3639, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | 3bfe6b3b087ca42a19201811078371538ab2936796ff2422443605c3aef038d7
Red Hat Security Advisory 2022-4692-01
Posted May 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4692-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | ecf97b114c811de8b773415e31f85d2dbbd762da9a08556fc7bc868b0c83a9a5
Red Hat Security Advisory 2022-4691-01
Posted May 19, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4691-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2021-3634, CVE-2021-3737, CVE-2021-41617, CVE-2021-4189, CVE-2022-24904, CVE-2022-24905, CVE-2022-29165
SHA-256 | 6fe762e2616c6dacdada61a5ff131f5097db13088eef51a3811f2266f29dfb07
Red Hat Security Advisory 2022-1821-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1821-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2021-3733, CVE-2021-3737, CVE-2021-4189, CVE-2021-43818, CVE-2022-0391
SHA-256 | 7f5d07cb76947dd97d0ef4499761f3a21f5ac6ce8b664d628ff9051f4d8f3ad5
Red Hat Security Advisory 2022-1764-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1764-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2021-3733, CVE-2021-3737, CVE-2021-43818, CVE-2022-0391
SHA-256 | 7031e93a404f5038380ef83ca82a615ac3678cf775d367c8e05fb73cb59cd5b0
Red Hat Security Advisory 2022-1986-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1986-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2021-3737, CVE-2021-4189
SHA-256 | a40faf86624e14db1d1c8f8075e128c4a5a387e3da6dc289c062ccadc9c320b2
Red Hat Security Advisory 2022-1663-01
Posted May 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1663-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, python
systems | linux, redhat
advisories | CVE-2021-3733, CVE-2021-3737, CVE-2021-4189, CVE-2022-0391
SHA-256 | 6432414f7b8a6571ed395cf657578903108760e6c22f8983c8ddccfd17747480
Ubuntu Security Notice USN-5199-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5199-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses. Specially crafted traffic from a malicious HTTP server could cause a denial of service condition for a client. Various other issues were also addressed.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3733, CVE-2021-3737
SHA-256 | e86e38e0b9b633e7b95fa55ad292060af6dfd4ee2f4b514fc7b7010bdd95c697
Ubuntu Security Notice USN-5201-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5201-1 - It was discovered that the Python urllib http client could enter into an infinite loop when incorrectly handling certain server responses. Specially crafted traffic from a malicious HTTP server could cause a denial of service condition for a client.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3737
SHA-256 | 166ac08c6ee9a3867cba31876bc061600a3dc4369f9ead2dc6536bcc4f3783fc
Ubuntu Security Notice USN-5200-1
Posted Dec 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5200-1 - It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex with a quadratic worst-case time complexity. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service condition for a client. Various other issues were also addressed.

tags | advisory, web, denial of service, python
systems | linux, ubuntu
advisories | CVE-2020-8492, CVE-2021-3733, CVE-2021-3737
SHA-256 | 729bc78597e4fd0f17e876cb9c891d709d4ad254691f0fa2f4c7241f79beb5f0
Red Hat Security Advisory 2021-4160-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4160-03 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, python
systems | linux, redhat
advisories | CVE-2021-28957, CVE-2021-29921, CVE-2021-33503, CVE-2021-3426, CVE-2021-3572, CVE-2021-3733, CVE-2021-3737
SHA-256 | d4c975c8f0fd0283493287448972680095337bb6113fc44f4837d867665d4273
Online Student Admission System 1.0 SQL Injection / Shell Upload
Posted Oct 25, 2021
Authored by Gerard Carbonell

Online Student Admission System version 1.0 suffers from remote SQL injection and shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
advisories | CVE-2021-37371, CVE-2021-37372
SHA-256 | 36688c99c02af566da1a2ad3333b8930e825677158f9d160b0fdae0e322c02a1
Ubuntu Security Notice USN-5083-1
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5083-1 - It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. It was discovered that Python incorrectly handled certain server responses. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3733, CVE-2021-3737
SHA-256 | cf1c664ac3030e4cd34e05174e101afebd1645b1bdeba83b3242a64505d95995
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close