CVE-2021-3116

before_upstream_connection in AuthPlugin in http/proxy/auth.py in proxy.py before 2.3.1 accepts incorrect Proxy-Authorization header data because of a boolean confusion (and versus or).
Configurations

Configuration 1 (hide)

cpe:2.3:a:proxy.py_project:proxy.py:*:*:*:*:*:*:*:*

History

15 Feb 2024, 21:40

Type Values Removed Values Added
References () https://github.com/abhinavsingh/proxy.py/pull/482/commits/9b00093288237f5073c403f2c4f62acfdfa8ed46 - Patch, Third Party Advisory () https://github.com/abhinavsingh/proxy.py/pull/482/commits/9b00093288237f5073c403f2c4f62acfdfa8ed46 - Patch
References () https://pypi.org/project/proxy.py/2.3.1/#history - Product, Third Party Advisory () https://pypi.org/project/proxy.py/2.3.1/#history - Product
CWE NVD-CWE-noinfo CWE-697

Information

Published : 2021-01-11 05:15

Updated : 2024-02-15 21:40


NVD link : CVE-2021-3116

Mitre link : CVE-2021-3116

CVE.ORG link : CVE-2021-3116


JSON object : View

Products Affected

proxy.py_project

  • proxy.py
CWE
CWE-697

Incorrect Comparison