vulnerability
Red Hat OpenShift: CVE-2019-11236: python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Apr 15, 2019 | Dec 29, 2020 | May 10, 2023 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Apr 15, 2019
Added
Dec 29, 2020
Modified
May 10, 2023
Description
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
Solution
linuxrpm-upgrade-python-urllib3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.