Lucene search
Veracode Vulnerability DatabaseVERACODE:30782HistoryJun 02, 2021 - 8:30 a.m.
Denial Of Service (DoS)
2021-06-0208:30:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
0.003 Low
EPSS
Percentile
69.2%
urllib3 is vulnerable to denial of service. An attacker is able to send a URL containing many @ characters in the authority component as a parameter or redirected to via an HTTP redirect, causing catastrophic backtracking and a denial of service.
References
github.com/advisories/GHSA-q2q7-5pp4-w6pg
github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec
github.com/urllib3/urllib3/security/advisories/GHSA-q2q7-5pp4-w6pg
lists.fedoraproject.org/archives/list/[email protected]/message/6SCV7ZNAHS3E6PBFLJGENCDRDRWRZZ6W/
lists.fedoraproject.org/archives/list/[email protected]/message/FMUGWEAUYGGHTPPXT6YBD53WYXQGVV73/
security.gentoo.org/glsa/202107-36
www.oracle.com/security-alerts/cpuoct2021.html
Related
redhatcve
redhatcve
CVE-2021-33503
2021-06-06 01:54:37
nessus
nessus
SUSE SLED15 / SLES15 Security Update : python-urllib3 (SUSE-SU-2021:2012-1)
2021-06-21 00:00:00
Photon OS 3.0: Python PHSA-2021-3.0-0266
2021-07-22 00:00:00
openSUSE 15 Security Update : python-urllib3 (openSUSE-SU-2021:2012-1)
2021-07-16 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0266
2021-07-12 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0266
2021-07-13 00:00:00
Critical Photon OS Security Update - PHSA-2021-0060
2021-07-13 00:00:00
redos
redos
ROS-20220125-01
2022-01-25 00:00:00
prion
prion
Open redirect
2021-06-29 11:15:00
cbl_mariner
cbl_mariner
CVE-2021-33503 affecting package python-urllib3 1.25.9-2
2021-08-11 06:39:25
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:2012-1)
2021-06-20 00:00:00
Ubuntu: Security Advisory (USN-5812-1)
2023-01-20 00:00:00
Fedora: Security Advisory for python-urllib3 (FEDORA-2021-9c5f3b8aae)
2021-07-11 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: mingw-python-urllib3-1.25.10-3.fc34
2021-06-19 01:09:27
[SECURITY] Fedora 33 Update: python-urllib3-1.25.8-5.fc33
2021-07-08 01:08:49
[SECURITY] Fedora 34 Update: python-urllib3-1.25.10-5.fc34
2021-07-04 01:10:06
ubuntucve
ubuntucve
CVE-2021-33503
2021-06-29 00:00:00
suse
suse
Security update for python-urllib3 (important)
2021-07-10 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in urllib3 (CVE-2021-33503).
2023-01-12 21:59:00
osv
osv
python-urllib3 vulnerability
2023-01-19 13:52:19
CVE-2021-33503
2021-06-29 11:15:07
PYSEC-2021-108
2021-06-29 11:15:00
redhat
redhat
nvd
nvd
CVE-2021-33503
2021-06-29 11:15:07
archlinux
archlinux
[ASA-202106-25] python-urllib3: denial of service
2021-06-09 00:00:00
amazon
amazon
Medium: python-urllib3
2021-07-14 20:40:00
cvelist
cvelist
CVE-2021-33503
2021-06-29 10:55:35
cve
cve
CVE-2021-33503
2021-06-29 11:15:07
f5
f5
K23456112 : Python urllib3 vulnerability CVE-2021-33503
2021-11-26 00:00:00
debiancve
debiancve
CVE-2021-33503
2021-06-29 11:15:07
github
github
ubuntu
ubuntu
urllib3 vulnerability
2023-01-19 00:00:00
mageia
mageia
Updated python-urllib3 package fixes security vulnerabilities
2021-07-27 23:21:53
Updated python-pip packages fix security vulnerabilities
2021-07-25 17:45:06
gentoo
gentoo
urllib3: Multiple vulnerabilities
2021-07-15 00:00:00
almalinux
almalinux
Moderate: python39:3.9 and python39-devel:3.9 security update
2021-11-09 08:26:25
Moderate: python38:3.8 and python38-devel:3.8 security update
2021-11-09 12:47:54
oraclelinux
oraclelinux
python39:3.9 and python39-devel:3.9 security update
2021-11-16 00:00:00
python38:3.8 and python38-devel:3.8 security update
2021-11-16 00:00:00
rocky
rocky
python39:3.9 and python39-devel:3.9 security update
2021-11-09 08:26:25
python38:3.8 and python38-devel:3.8 security update
2021-11-09 12:47:54
oracle
oracle
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00