VYPR
High severity7.4NVD Advisory· Published Aug 23, 2022· Updated Jun 17, 2026

CVE-2021-28861

CVE-2021-28861

Description

Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

291

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.