Published: 15/04/2019 Updated: 24/04/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

In the urllib3 library up to and including 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.

Vulnerability Trend

Affected Products

Vendor Product Versions

Github Repositories

Etrata CI Vuln Scanner What is it? This is a lightweight python script that will load/read a directory of CVEs and allow you to search on them Usage etrata -n struts -v 2332 >'CVE-2017-9787', >'CVE-2017-9791', >'CVE-2017-9793', >'CVE-2017-9804', >'CVE-2017-9805', >'CVE-2018