---

CVE-2021-41945 - log back

CVE-2021-41945 edited at 16 May 2022 17:07:00
Description	- Encode OSS httpx <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`. + A vulnerability was found in the `httpx.URL`, `httpx.Client`and `httpx.URL.copy_with' functions of the python-httpx package allowing an attacker to bypass access restrictions.

CVE-2021-41945 edited at 16 May 2022 16:59:58
Type	- Unknown + Access restriction bypass

CVE-2021-41945 edited at 15 May 2022 09:51:07
Severity	- Unknown + Critical
Remote	- Unknown + Remote
Description	+ Encode OSS httpx <=1.0.0.beta0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`.
References	+ https://gist.github.com/lebr0nli/4edb76bbd3b5ff993cf44f2fbce5e571 + https://github.com/advisories/GHSA-h8pj-cxx2-jfg2 + https://github.com/encode/httpx/discussions/1831 + https://github.com/encode/httpx/issues/2184 + https://github.com/encode/httpx/pull/2185
Notes

CVE-2021-41945 created at 15 May 2022 09:43:52