vulnerability

Oracle Linux: CVE-2021-33503: ELSA-2021-4160: python39:3.9 and python39-devel:3.9 security update (MODERATE) (Multiple Advisories)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
06/01/2021
Added
07/22/2024
Modified
01/08/2025

Description

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.
A flaw was found in python-urllib3. When provided with a URL containing many @ characters in the authority component, the authority's regular expression exhibits catastrophic backtracking. This flaw causes a denial of service if a URL is passed as a parameter or redirected via an HTTP redirect. The highest threat from this vulnerability is to system availability.

Solution(s)

oracle-linux-upgrade-python38oracle-linux-upgrade-python38-asn1cryptooracle-linux-upgrade-python38-atomicwritesoracle-linux-upgrade-python38-attrsoracle-linux-upgrade-python38-babeloracle-linux-upgrade-python38-cffioracle-linux-upgrade-python38-chardetoracle-linux-upgrade-python38-cryptographyoracle-linux-upgrade-python38-cythonoracle-linux-upgrade-python38-debugoracle-linux-upgrade-python38-develoracle-linux-upgrade-python38-idleoracle-linux-upgrade-python38-idnaoracle-linux-upgrade-python38-jinja2oracle-linux-upgrade-python38-libsoracle-linux-upgrade-python38-lxmloracle-linux-upgrade-python38-markupsafeoracle-linux-upgrade-python38-mod-wsgioracle-linux-upgrade-python38-more-itertoolsoracle-linux-upgrade-python38-numpyoracle-linux-upgrade-python38-numpy-docoracle-linux-upgrade-python38-numpy-f2pyoracle-linux-upgrade-python38-packagingoracle-linux-upgrade-python38-piporacle-linux-upgrade-python38-pip-wheeloracle-linux-upgrade-python38-pluggyoracle-linux-upgrade-python38-plyoracle-linux-upgrade-python38-psutiloracle-linux-upgrade-python38-psycopg2oracle-linux-upgrade-python38-psycopg2-docoracle-linux-upgrade-python38-psycopg2-testsoracle-linux-upgrade-python38-pyoracle-linux-upgrade-python38-pycparseroracle-linux-upgrade-python38-pymysqloracle-linux-upgrade-python38-pyparsingoracle-linux-upgrade-python38-pysocksoracle-linux-upgrade-python38-pytestoracle-linux-upgrade-python38-pytzoracle-linux-upgrade-python38-pyyamloracle-linux-upgrade-python38-requestsoracle-linux-upgrade-python38-rpm-macrosoracle-linux-upgrade-python38-scipyoracle-linux-upgrade-python38-setuptoolsoracle-linux-upgrade-python38-setuptools-wheeloracle-linux-upgrade-python38-sixoracle-linux-upgrade-python38-testoracle-linux-upgrade-python38-tkinteroracle-linux-upgrade-python38-urllib3oracle-linux-upgrade-python38-wcwidthoracle-linux-upgrade-python38-wheeloracle-linux-upgrade-python38-wheel-wheeloracle-linux-upgrade-python39oracle-linux-upgrade-python39-attrsoracle-linux-upgrade-python39-cffioracle-linux-upgrade-python39-chardetoracle-linux-upgrade-python39-cryptographyoracle-linux-upgrade-python39-cythonoracle-linux-upgrade-python39-debugoracle-linux-upgrade-python39-develoracle-linux-upgrade-python39-idleoracle-linux-upgrade-python39-idnaoracle-linux-upgrade-python39-iniconfigoracle-linux-upgrade-python39-libsoracle-linux-upgrade-python39-lxmloracle-linux-upgrade-python39-mod-wsgioracle-linux-upgrade-python39-more-itertoolsoracle-linux-upgrade-python39-numpyoracle-linux-upgrade-python39-numpy-docoracle-linux-upgrade-python39-numpy-f2pyoracle-linux-upgrade-python39-packagingoracle-linux-upgrade-python39-piporacle-linux-upgrade-python39-pip-wheeloracle-linux-upgrade-python39-pluggyoracle-linux-upgrade-python39-plyoracle-linux-upgrade-python39-psutiloracle-linux-upgrade-python39-psycopg2oracle-linux-upgrade-python39-psycopg2-docoracle-linux-upgrade-python39-psycopg2-testsoracle-linux-upgrade-python39-pyoracle-linux-upgrade-python39-pybind11oracle-linux-upgrade-python39-pybind11-develoracle-linux-upgrade-python39-pycparseroracle-linux-upgrade-python39-pymysqloracle-linux-upgrade-python39-pyparsingoracle-linux-upgrade-python39-pysocksoracle-linux-upgrade-python39-pytestoracle-linux-upgrade-python39-pyyamloracle-linux-upgrade-python39-requestsoracle-linux-upgrade-python39-rpm-macrosoracle-linux-upgrade-python39-scipyoracle-linux-upgrade-python39-setuptoolsoracle-linux-upgrade-python39-setuptools-wheeloracle-linux-upgrade-python39-sixoracle-linux-upgrade-python39-testoracle-linux-upgrade-python39-tkinteroracle-linux-upgrade-python39-tomloracle-linux-upgrade-python39-urllib3oracle-linux-upgrade-python39-wcwidthoracle-linux-upgrade-python39-wheeloracle-linux-upgrade-python39-wheel-wheel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.