VYPR
High severityNVD Advisory· Published Jun 29, 2021· Updated Aug 3, 2024

CVE-2021-33503

CVE-2021-33503

Description

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
urllib3PyPI
>= 1.25.4, < 1.26.51.26.5

Affected products

413

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.