Zurück zur CVE-Übersicht
CVE-2026-1502
NONERisk Signal Score0/100 — NIEDRIG
EPSS-Score
1%
Exploit-Wahrscheinlichkeit (30 Tage)
Beschreibung
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host.
Referenzen
- https://github.com/python/cpython/commit/05ed7ce7ae9e17c23a04085b2539fe6d6d3cef6...
- https://github.com/python/cpython/commit/56b7100b04e44ea27989242b176beb8f016b2c5...
- https://github.com/python/cpython/commit/58703ec1bdd1eb075e8b01a0c427683ce594dd3...
- https://github.com/python/cpython/commit/9e071c9b28c17f347f81b388a003d4eeb3c7a8d...
- https://github.com/python/cpython/commit/b1cf9016335cb637c5a425032e8274a224f4b2e...
- https://github.com/python/cpython/commit/c00c386faa579ad71196d33408644478488e43e...
- https://github.com/python/cpython/issues/146211
- https://github.com/python/cpython/pull/146212
- https://mail.python.org/archives/list/security-announce@python.org/thread/2IVPAE...
- http://www.openwall.com/lists/oss-security/2026/04/11/4