Updated: 2026-02-25 09:53:29.096791
Description:
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | HIGH | 7.1 |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| Oracle Linux 6 ELS | python | 2.6.6 | 7.5 | HIGH | Released | CLSA-2022:1647958678 | 2022-04-07 21:52:18 | |
| Oracle Linux 7 ELS | php | 5.4.16 | 7.5 | HIGH | Not Vulnerable | 2025-10-09 15:40:31 | ||
| Oracle Linux 7 ELS | python | 2.7.5 | 7.5 | HIGH | Already Fixed | 2025-10-03 21:08:58 | ||
| RHEL 7 ELS | php | 5.4.16 | 7.5 | HIGH | Not Vulnerable | 2025-10-09 15:40:35 | ||
| RHEL 7 ELS | python | 2.7.5 | 7.5 | HIGH | Already Fixed | 2025-10-03 21:08:57 | ||
| TuxCare 9.6 ESU | php | 8.0.30 | 7.5 | HIGH | Not Vulnerable | 2026-02-16 23:02:24 | ||
| Ubuntu 16.04 ELS | python3.5 | 3.5.2 | 7.5 | HIGH | Released | CLSA-2021:1635430087 | 2021-11-02 21:02:48 | |
| Ubuntu 16.04 ELS | python2.7 | 2.7.12 | 7.5 | HIGH | Released | CLSA-2022:1647969910 | 2022-04-07 21:52:18 | |
| Ubuntu 16.04 ELS | php | 7.0.33 | 7.5 | HIGH | Not Vulnerable | 2025-09-30 05:27:21 | ||
| Ubuntu 18.04 ELS | php | 7.2.24-0 | 7.5 | HIGH | Not Vulnerable | 2025-09-30 05:27:23 |