Search CVE reports
1 – 3 of 3 results
CVE-2021-21240
Low priorityhttplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service...
1 affected package
python-httplib2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-httplib2 | Not affected | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2020-11078
Low priorityIn httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability...
1 affected package
python-httplib2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-httplib2 | Not affected | Not affected | Vulnerable | Vulnerable | Vulnerable |
CVE-2013-2037
Medium prioritySome fixes available 4 of 6
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows...
1 affected package
python-httplib2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| python-httplib2 | — | — | — | — | — |