vulnerability

F5 Networks: CVE-2020-26116: K000133759: Python vulnerability CVE-2020-26116

Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
Sep 27, 2020
Added
Dec 6, 2023
Modified
Aug 2, 2024

Description

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

Solution

f5-big-ip-upgrade-latest
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.