debian · CVE-2016-5699

Quick triage

Priority: not yet assigned 公開: Updated: Tue, 30 Jun 2026 01:59:28 GMT

参照: Official debian advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-5699 not yet assigned priority: Debian including 1 source packages (python2.7), 1 status rows across 1 suites (bullseye): resolved 1.

Description:

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

cvelogic Threat Intelligence