This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author mcascella
Recipients Amir, M W2, christian.heimes, gvanrossum, kmaork, larry, lukasz.langa, maxpl0it, mcascella, miss-islington, ned.deily, orsenthil, vstinner, xtreak
Date 2020-09-28.07:05:13
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1601276714.16.0.961221964238.issue39603@roundup.psfhosted.org>
In-reply-to
Content
Hello,

CVE-2020-26116 has been requested/assigned for this flaw via MITRE form: https://cveform.mitre.org/

I suggest mentioning it in the related vulnerability page: https://python-security.readthedocs.io/vuln/http-header-injection-method.html

Also note that httplib (python-2.7.18) seems to be affected too. Any particular reason for it not to be listed in the same vulnerability page?

Thank you,
History
Date User Action Args
2020-09-28 07:05:14mcascellasetrecipients: + mcascella, gvanrossum, orsenthil, vstinner, larry, christian.heimes, ned.deily, lukasz.langa, miss-islington, xtreak, kmaork, Amir, maxpl0it, M W2
2020-09-28 07:05:14mcascellasetmessageid: <1601276714.16.0.961221964238.issue39603@roundup.psfhosted.org>
2020-09-28 07:05:13mcascellalinkissue39603 messages
2020-09-28 07:05:13mcascellacreate