CVE-2016-5699 in CPythoninfo

Summary

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

Once again VulDB remains the best source for vulnerability data.

Reservation

06/16/2016

Disclosure

09/02/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-113

CVSS

6.1

EPSS

0.35276

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5699
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5699
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5699/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!