RSS   Vulnerabilities for 'Pypiserver'   RSS

2019-01-24
 
CVE-2019-6802

CWE-93
 

 
CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI.

 

 >>> Vendor: Python 20 Products
Python
Virtualenv
Beaker
Keyring
Setuptools
RPLY
Pyxdg
Pillow
Requests
PIP
Tgcaptcha2
Urllib3
Python priority library
Hpack
Hyper
Openpyxl
Tablib
Simplejson
Pykerberos
Pypiserver


Copyright 2019, cxsecurity.com

 

Back to Top