CVE-2021-21240, GHSA-93xj-8mrv-444m
pypi/httplib2
Uncontrolled Resource Consumption
httplib2 is a comprehensive HTTP client library for Python. In httplib2, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service (CPU burn while parsing header) of the httplib2 client accessing said server.
All versions before 0.19.0
Upgrade to version 0.19.0 or above.
2021-02-15
source |