vulnerability
F5 Networks: CVE-2020-26116: K000133759: Python vulnerability CVE-2020-26116
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | Sep 27, 2020 | Dec 6, 2023 | Aug 2, 2024 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
Sep 27, 2020
Added
Dec 6, 2023
Modified
Aug 2, 2024
Description
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
Solution
f5-big-ip-upgrade-latest

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.