CVE-2021-3737

Updated: 2023-02-02 20:03:18.225714

Description:

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x HIGH 7.1
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS python 2.6.6 7.5 HIGH Released CLSA-2022:1647958513 2022-05-05 12:04:56
CentOS 8.4 ELS python3 3.6.8 7.5 HIGH Released CLSA-2022:1653920195 2022-05-30 11:37:29
CentOS 8.4 ELS python2 2.7.18 7.5 HIGH Released CLSA-2022:1654525948 2022-06-06 11:47:17
CentOS 8.5 ELS python3 3.6.8 7.5 HIGH Released CLSA-2022:1654010877 2022-05-31 11:38:04
CentOS 8.5 ELS python2 2.7.18 7.5 HIGH Released CLSA-2022:1654526367 2022-06-06 11:47:17
CloudLinux 6 ELS python 2.6.6 7.5 HIGH Released CLSA-2022:1647958633 2022-04-07 21:52:18
Oracle Linux 6 ELS python 2.6.6 7.5 HIGH Released CLSA-2022:1647958678 2022-04-07 21:52:18
Ubuntu 16.04 ELS python 2.7.12-1ubuntu0~16.04.13 7.5 HIGH Released CLSA-2022:1647969910 2022-04-07 21:52:18
Ubuntu 16.04 ELS python3 3.5.2-2ubuntu0~16.04.13 7.5 HIGH Released CLSA-2021:1635430087 2021-11-02 21:02:48