Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Python Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting) Vulnerability - CVE-2016-5699 - Vulnerability Database
Python

Python Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting) Vulnerability - CVE-2016-5699

Medium
Reference: CVE-2016-5699
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-5699
Title: Python Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting) Vulnerability
Overview:

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.