rpm package
opensuse/python-httplib2&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/python-httplib2&distro=openSUSE%20Leap%2015.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21240 | Hig | 7.5 | < 0.19.0-lp152.6.3.1 | 0.19.0-lp152.6.3.1 | Feb 8, 2021 | httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service (CPU burn while parsing header) of the httplib2 clie | |
| CVE-2020-11078 | Med | 6.8 | < 0.19.0-lp152.6.3.1 | 0.19.0-lp152.6.3.1 | May 20, 2020 | In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by str |
- affected < 0.19.0-lp152.6.3.1fixed 0.19.0-lp152.6.3.1
httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service (CPU burn while parsing header) of the httplib2 clie
- affected < 0.19.0-lp152.6.3.1fixed 0.19.0-lp152.6.3.1
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by str