PyPI package
pypiserver
pkg:pypi/pypiserver
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-6802 | — | < 1.2.6 | 1.2.6 | Jan 25, 2019 | CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI. |
- CVE-2019-6802Jan 25, 2019affected < 1.2.6fixed 1.2.6
CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI.