Description

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

Remediation

References

CVE-2016-5699

Related Vulnerabilities

WordPress Plugin WP Dark Mode-Best Dark Mode & Social Sharing for WordPress Cross-Site Scripting (3.0.6)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3724)

WordPress Plugin Starbox-the Author Box for Humans Cross-Site Scripting (3.0.8)

MySQL CVE-2022-21301 Vulnerability (CVE-2022-21301)

WordPress Plugin WooCommerce Cross-Site Scripting (5.1.0)

Severity

Medium

Classification

CVE-2016-5699 CWE-113 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities