EPSS
Percentile
45.0%
CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI.
%0d%0a
github.com/advisories/GHSA-mh24-7wvg-v88g
github.com/pypiserver/pypiserver
github.com/pypiserver/pypiserver/commit/1375a67c55a9b8d4619df30d2a1c0b239d7357e6
github.com/pypiserver/pypiserver/issues/237
nvd.nist.gov/vuln/detail/CVE-2019-6802