CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2020-26137 – python-urllib3: CRLF injection via HTTP request method
https://notcve.org/view.php?id=CVE-2020-26137
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116. urllib3 versiones anteriores a 1.25.9, permite una inyección de CRLF si el atacante controla el método de petición HTTP, como es demostrado al insertar caracteres de control CR y LF en el primer argumento de la función putrequest(). NOTA: esto es similar a CVE-2020-26116 A flaw was found in python-urllib3. The HTTPConnection.request() does not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation of the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrity. • https://bugs.python.org/issue39603 https://github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436b https://github.com/urllib3/urllib3/pull/1800 https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html https://usn.ubuntu.com/4570-1 https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2020-26137 https& • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7212
https://notcve.org/view.php?id=CVE-2020-7212
The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length N, the size of percent_encodings may be up to O(N). The next step (normalize existing percent-encoded bytes) also takes up to O(N) for each step, so the total time is O(N^2). • https://github.com/urllib3/urllib3/blob/master/CHANGES.rst https://github.com/urllib3/urllib3/commit/a74c9cfbaed9f811e7563cfc3dce894928e0221a https://pypi.org/project/urllib3/1.25.8 • CWE-400: Uncontrolled Resource Consumption •