Lucene search

K

Redhat.comRH:CVE-2020-26137

HistorySep 29, 2020 - 7:03 p.m.

CVE-2020-26137

2020-09-2919:03:30

redhat.com

access.redhat.com

32

0.004 Low

EPSS

Percentile

74.7%

A flaw was found in python-urllib3. The HTTPConnection.request() does not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation of the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrity.

References

bugzilla.redhat.com/show_bug.cgi?id=1883632

nvd.nist.gov/vuln/detail/CVE-2020-26137

www.cve.org/CVERecord?id=CVE-2020-26137

0.004 Low

EPSS

Percentile

74.7%

Related for RH:CVE-2020-26137