PT-2021-7372 · Python+10 · Python+10
Published
2021-05-03
·
Updated
2026-02-22
·
CVE-2021-3737
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Python (affected versions not specified)
Description
A flaw in the HTTP client code of Python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. This issue is related to the
urllib component and can lead to uncontrolled resource consumption.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Infinite Loop
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Python
Red Hat
Rocky Linux
Suse
Ubuntu