CVE-2016-5699

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-5699

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5699.json

Aliases

PSF-2016-8

Related

Published

2016-09-02T14:59:07Z

Modified

2024-05-14T05:30:51.808634Z

Summary

[none]

Details

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type: GIT
Repo: https://github.com/python/cpython
Events: Introduced

0The exact introduced commit is unknown

Last affected

08e544e27bcc26fd82d218ea0676da42c8b8b9f7

Last affected

18e897250a073e22ebc5e50d59551e44d98f8338

Last affected

3101b7076270756f8be699358c69c5d15ea2cc48

Last affected

439d88542ef77d5c867b8298e4c2c6be4a412a5e

Last affected

4ca04b67f00edabe86072446f059adcb70eafcdd

Last affected

5757429130b8bba026e75d358ef0494a6ac0aed8

Last affected

586547387b468ffb391cb76842f65e68164e5135

Last affected

5c26a8afbb6fa43a35e8a1d6942157209890437a

Last affected

6046c5e0298c25515ea58abc8ab87f7413e3f743

Last affected

81c393b3ded977375d35297b3d47b47014b2391a

Last affected

84fc4ba67eedd249ae7643930eacd0058303b95c

Last affected

8bc7e31529bd10dca2a139ecc0c8838e6021a5a2

Last affected

9aa23c5671218dfe62e35945d0ff884f2727d312

Last affected

9e2043a5613a6423b7051b08a916b01969c179ed

Last affected

a5f49f5bb46b6b8c7bf1ffedbaf3009186b94b50

Last affected

a7bf78d3eb3523572f7f306f0108e2c1b81e6a93

Last affected

bfe36ec1f580248d5e718667c204974275f8974a

Last affected

c37a4fdf5472b9460cc38885342ef59bce05753f

Last affected

cd0dc16fdc60860bb69be020518234c0e897a1fb

Last affected

d858df20d0d82eeefbdbe9982cfd68207a0cd446

Last affected

dbb126103e1c4f2818e0dfc7aa4a689d86565e7a

Last affected

e054f452bd9118def58c18aa295662c9845e1c89

Last affected

f0fa1b2f670334f9f4b123e6ecb65c3beef979ed

Last affected

f5caf2b30bfe70e5107f816c9e7f7fe3ef5299d9

Last affected

fbd7518a412b162a0b749f6df71b3105140ab253

Affected versions

v0.*

v0.9.8

v0.9.9

v1.*

v1.0.1

v1.0.2

v1.1

v1.1.1

v1.2

v1.2b1

v1.2b2

v1.2b3

v1.2b4

v1.3

v1.3b1

v1.4

v1.4b1

v1.4b2

v1.4b3

v1.5

v1.5.1

v1.5.2

v1.5.2a1

v1.5.2a2

v1.5.2b1

v1.5.2b2

v1.5.2c1

v1.5a1

v1.5a2

v1.5a3

v1.5a4

v1.5b1

v1.5b2

v1.6a1

v1.6a2

v2.*

v2.0

v2.0b1

v2.0b2

v2.0c1

v2.1

v2.1a1

v2.1a2

v2.1b1

v2.1b2

v2.1c1

v2.1c2

v2.2a3

v2.3c1

v2.3c2

v2.4

v2.4a1

v2.4a2

v2.4a3

v2.4b1

v2.4b2

v2.4c1

v3.*

v3.0a1

v3.0a2

v3.0a3

v3.0a4

v3.0a5

v3.0b1

v3.0b2

v3.0b3

v3.0rc1

v3.0rc2

v3.0rc3

v3.1

v3.1.1

v3.1.1rc1

v3.1.2

v3.1.2rc1

v3.1.3

v3.1.3rc1

v3.1.4

v3.1.4rc1

v3.1a1

v3.1a2

v3.1b1

v3.1rc1

v3.1rc2

v3.2

v3.2.1

v3.2.1b1

v3.2.1rc1

v3.2.1rc2

v3.2.2

v3.2.2rc1

v3.2a1

v3.2a2

v3.2a3

v3.2a4

v3.2b1

v3.2b2

v3.2rc1

v3.2rc2

v3.2rc3