CVE-2016-5699

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-5699
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5699.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-5699
Aliases
Downstream
Related
Published
2016-09-02T14:59:07.003Z
Modified
2026-03-15T22:09:44.894679Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type
GIT
Repo
https://github.com/python/cpython
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a5f49f5bb46b6b8c7bf1ffedbaf3009186b94b50
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6046c5e0298c25515ea58abc8ab87f7413e3f743
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c1e689ec9677f3222790aaf7da5c8c7361e50115
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5c5f3de16e42d8e9d3f11c9d0e8184659def5ae3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
aa36b9cc0143e8726d387aee8b7918b35e840178
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5757429130b8bba026e75d358ef0494a6ac0aed8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d858df20d0d82eeefbdbe9982cfd68207a0cd446
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c37a4fdf5472b9460cc38885342ef59bce05753f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
65b2eb9dfebe873e8ee5821f13d5a8c07d9c89c2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
09a7df8301bef5a5ac957371ae9e19c68acdca0a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
27a28589c5ab8603240b63122f48a91b1c6b4ccf
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4fbc0d8baa2126db4ace0c8a03c1773f01abdda6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bfe36ec1f580248d5e718667c204974275f8974a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
439d88542ef77d5c867b8298e4c2c6be4a412a5e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e054f452bd9118def58c18aa295662c9845e1c89
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9aa23c5671218dfe62e35945d0ff884f2727d312
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
84fc4ba67eedd249ae7643930eacd0058303b95c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9e2043a5613a6423b7051b08a916b01969c179ed
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a7bf78d3eb3523572f7f306f0108e2c1b81e6a93
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fbd7518a412b162a0b749f6df71b3105140ab253
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
18e897250a073e22ebc5e50d59551e44d98f8338
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3101b7076270756f8be699358c69c5d15ea2cc48
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5c26a8afbb6fa43a35e8a1d6942157209890437a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
dbb126103e1c4f2818e0dfc7aa4a689d86565e7a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f5caf2b30bfe70e5107f816c9e7f7fe3ef5299d9
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7.9"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.1.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.2.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.3.6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.4.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.4.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.4.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.4.3"
        }
    ]
}

Affected versions

v0.*
v0.9.8
v0.9.9
v1.*
v1.0.1
v1.0.2
v1.1
v1.1.1
v1.2
v1.2b1
v1.2b2
v1.2b3
v1.2b4
v1.3
v1.3b1
v1.4
v1.4b1
v1.4b2
v1.4b3
v1.5
v1.5.1
v1.5.2
v1.5.2a1
v1.5.2a2
v1.5.2b1
v1.5.2b2
v1.5.2c1
v1.5a1
v1.5a2
v1.5a3
v1.5a4
v1.5b1
v1.5b2
v1.6a1
v1.6a2
v2.*
v2.0
v2.0b1
v2.0b2
v2.0c1
v2.1
v2.1a1
v2.1a2
v2.1b1
v2.1b2
v2.1c1
v2.1c2
v2.2a3
v2.3c1
v2.3c2
v2.4
v2.4a1
v2.4a2
v2.4a3
v2.4b1
v2.4b2
v2.4c1
v3.*
v3.0a1
v3.0a2
v3.0a3
v3.0a4
v3.0a5
v3.0b1

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.1.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.2.0"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5699.json"