Updated: 2026-02-25 09:53:29.096791
Description:
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | HIGH | 7.1 |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 8.5 ELS | python2 | 2.7.18 | 7.5 | HIGH | Released | CLSA-2022:1654526367 | 2022-06-06 11:47:17 | |
| CentOS 8.5 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2022:1654010877 | 2022-05-31 11:38:04 | |
| CentOS 8.5 ELS | php | 7.4.19 | 7.5 | HIGH | Not Vulnerable | 2025-10-09 15:40:35 | ||
| CentOS Stream 8 ELS | php | 7.2.24 | 7.5 | HIGH | Not Vulnerable | 2025-10-09 15:40:29 | ||
| CloudLinux 6 ELS | python | 2.6.6 | 7.5 | HIGH | Released | CLSA-2022:1647958633 | 2022-04-07 21:52:18 | |
| CloudLinux 7 ELS | php | 5.4.16 | 7.5 | HIGH | Not Vulnerable | 2025-10-09 15:40:36 | ||
| CloudLinux 7 ELS | python | 2.7.5 | 7.5 | HIGH | Released | CLSA-2024:1727289167 | 2024-10-07 10:49:55 | |
| CloudLinux 7 ELS | python3 | 3.6.8 | 7.5 | HIGH | Released | CLSA-2024:1727288754 | 2024-10-07 10:50:30 | |
| Debian 10 ELS | php | 7.3 | 7.5 | HIGH | Not Vulnerable | 2026-02-16 23:02:25 | ||
| Oracle Linux 6 ELS | php | 5.3.3 | 7.5 | HIGH | Not Vulnerable | 2025-10-09 15:40:37 |