VYPR
High severityNVD Advisory· Published Jan 17, 2023· Updated Dec 22, 2025

mechanize vulnerable to ReDoS

CVE-2021-32837

Description

mechanize, a library for automatically interacting with HTTP web servers, contains a regular expression that is vulnerable to regular expression denial of service (ReDoS) prior to version 0.4.6. If a web server responds in a malicious way, then mechanize could crash. Version 0.4.6 has a patch for the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mechanizePyPI
< 0.4.60.4.6

Affected products

5

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.