In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
References
Configurations
History
07 Nov 2023, 03:02
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Oct 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Jun 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MISC) https://github.com/urllib3/urllib3/issues/1553 - Issue Tracking, Exploit, Third Party Advisory |
Information
Published : 2019-04-15 15:29
Updated : 2023-12-10 12:59
NVD link : CVE-2019-11236
Mitre link : CVE-2019-11236
CVE.ORG link : CVE-2019-11236
JSON object : View
Products Affected
python
- urllib3
CWE
CWE-93
Improper Neutralization of CRLF Sequences ('CRLF Injection')