Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service (CPU burn while parsing header) of the httplib2 client accessing said server. This is fixed in version 0.19.0 which contains a new implementation of auth headers parsing using the pyparsing library.
No PoCs from references.
- https://github.com/11notes/docker-github-runner
- https://github.com/ANTONYOH/midterm_trivy
- https://github.com/McLaouth/trivi
- https://github.com/ankitv1504/TaskManage-ci-cd
- https://github.com/aquasecurity/trivy
- https://github.com/candrapw/trivy
- https://github.com/doyensec/regexploit
- https://github.com/fhirfactory/pegacorn-scanner-trivy
- https://github.com/georgearce24/aquasecurity-trivy
- https://github.com/immydestiny/trivy-file
- https://github.com/justPray/1122
- https://github.com/kaisenlinux/trivy
- https://github.com/khulnasoft-lab/vulx
- https://github.com/krishna-commits/trivy
- https://github.com/krishna-commits/trivy-test
- https://github.com/rafavinnce/trivy_0.27.1
- https://github.com/renovate-bot/khulnasoft-lab-_-vulx
- https://github.com/retr0-13/regexploit