Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Python Improper Encoding or Escaping of Output Vulnerability - CVE-2020-26116 - Vulnerability Database
Python

Python Improper Encoding or Escaping of Output Vulnerability - CVE-2020-26116

High
Reference: CVE-2020-26116
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-26116
Title: Python Improper Encoding or Escaping of Output Vulnerability
Overview:

http.client in Python 3.x before 3.5.10 3.6.x before 3.6.12 3.7.x before 3.7.9 and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.