From: Leonidas S. Barbosa
Date: Apr 21, 2020 9:51PM
Date: Apr 21, 2020 9:51PM
It was discovered that Python incorrectly stripped certain characters from
requests. A remote attacker could use this issue to perform CRLF injection.
(CVE-2019-18348)
It was discovered that Python incorrectly handled certain HTTP requests.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-8492)
References:
https://usn.ubuntu.com/4333-1
CVE-2019-18348, CVE-2020-8492
沒有留言:
張貼留言