10 Mar 2022
Vulnérabilité CVE-2021-3733 CVE Vulnerability
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. (CVSS:0.0) (Last Update:2022-03-10)
Vulnerability Details : There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. Publish Date : 2022-03-10 Last Update Date : 2022-03-10 - CVSS Scores & Vulnerability Types
- Related OVAL Definitions
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability. - Products Affected By CVE-2021-3733
- References For CVE-2021-3733 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-3733There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |