CVE-2021-41945

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-41945

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41945.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-41945

Aliases

Downstream

DEBIAN-CVE-2021-41945

UBUNTU-CVE-2021-41945

openSUSE-SU-2024:12041-1

openSUSE-SU-2025:14664-1

Related

Published

2022-04-28T14:15:07Z

Modified

2025-10-21T06:36:16.318126Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

Encode OSS httpx < 0.23.0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copy_with.

References

Affected packages

Git / github.com/encode/httpx

Affected ranges

Type: GIT
Repo: https://github.com/encode/httpx
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

89cdd903b2f339c6ae319773c31b8c9352bd9cd8

Affected versions

0.*

0.0.1

0.0.2

0.0.3

0.1.0

0.1.1

0.10.0

0.11.0

0.11.1

0.12.0

0.12.1

0.13.0

0.13.0.dev0

0.13.0.dev1

0.13.0.dev2

0.13.1

0.13.2

0.13.3

0.14.0

0.14.1

0.14.2

0.14.3

0.15.0

0.15.1

0.15.2

0.15.3

0.15.4

0.15.5

0.16.0

0.16.1

0.17.0

0.17.1

0.18.0

0.18.1

0.18.2

0.19.0

0.2.0

0.2.1

0.20.0

0.21.0

0.21.1

0.21.2

0.21.3

0.22.0

0.3.0

0.3.1

0.4.0

0.5.0

0.6.0

0.6.1

0.6.2

0.6.3

0.6.4

0.6.5

0.6.6

0.6.7

0.6.8

0.7.0

0.7.1

0.7.2

0.7.3

0.7.4

0.7.5

0.7.6

0.7.7

0.7.8

0.8.0

0.9.0

0.9.1

0.9.2

0.9.3

0.9.4

0.9.5

1.*

1.0.0.beta0