CVE-2021-41945 - log back

CVE-2021-41945 edited at 16 May 2022 17:07:00
Description
- Encode OSS httpx <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`.
+ A vulnerability was found in the `httpx.URL`, `httpx.Client`and `httpx.URL.copy_with' functions of the python-httpx package allowing an attacker to bypass access restrictions.
CVE-2021-41945 edited at 16 May 2022 16:59:58
Type
- Unknown
+ Access restriction bypass
CVE-2021-41945 edited at 15 May 2022 09:51:07
Severity
- Unknown
+ Critical
Remote
- Unknown
+ Remote
Description
+ Encode OSS httpx <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`.
References
+ https://gist.github.com/lebr0nli/4edb76bbd3b5ff993cf44f2fbce5e571
+ https://github.com/advisories/GHSA-h8pj-cxx2-jfg2
+ https://github.com/encode/httpx/discussions/1831
+ https://github.com/encode/httpx/issues/2184
+ https://github.com/encode/httpx/pull/2185
Notes
CVE-2021-41945 created at 15 May 2022 09:43:52