In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
References
Configurations
History
15 Jun 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-04-15 15:29
Updated : 2024-02-04 20:20
NVD link : CVE-2019-11236
Mitre link : CVE-2019-11236
CVE.ORG link : CVE-2019-11236
JSON object : View
Products Affected
python
- urllib3
CWE
CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')