suse · CVE-2016-5699

Quick triage

Priority: medium Published: 2021-05-30 13:44:06 UTC Updated: 2026-04-18 16:05:29 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-5699 severity moderate: SUSE including 542 source package names (0.1.75:libpython3_6m1_0-3.6.10-3.42.2, 0.1.75:python3-3.6.10-3.42.2, …), 999 product×package rows across 125 product lines (Container caasp/v4/389-ds, Container caasp/v4/dnsmasq-nanny, … (125 product lines)): Fixed 842, Known Affected 157.

Description:

CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.

cvelogic Threat Intelligence