EPSS
Percentile
45.0%
CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI.
github.com/advisories/GHSA-mh24-7wvg-v88g
github.com/pypiserver/pypiserver/issues/237