Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-11078

A flaw was found in python-httplib2. An attacker controlling an unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. (CVE-2020-11078)

Source

ALASANSIBLE2-2023-007

Amazon Linux 2 Security Advisory: ALASANSIBLE2-2023-007
Advisory Release Date: 2023-08-21 21:01 Pacific
Advisory Updated Date: 2023-09-25 22:13 Pacific

Severity: Medium

References: CVE-2020-11078
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A flaw was found in python-httplib2. An attacker controlling an unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. (CVE-2020-11078)

Affected Packages:

python-httplib2

Issue Correction:
Run yum update python-httplib2 to update your system.

New Packages:

noarch:
    python2-httplib2-0.18.1-3.amzn2.noarch
    python3-httplib2-0.18.1-3.amzn2.noarch

src:
    python-httplib2-0.18.1-3.amzn2.src

Additional References

Red Hat: CVE-2020-11078

Mitre: CVE-2020-11078

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALASANSIBLE2-2023-007

ALASANSIBLE2-2023-007

Additional References

Vulmon Search

About

Products

Connect