{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35720?format=json","vulnerability_id":"VCID-v8bw-2ukf-bbfg","summary":"httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of \"\\xa0\" characters in the \"www-authenticate\" header may cause Denial of Service (CPU burn while parsing header) of the httplib2 client accessing said server. This is fixed in version 0.19.0 which contains a new implementation of auth headers parsing using the pyparsing library.","aliases":[{"alias":"CVE-2021-21240"},{"alias":"GHSA-93xj-8mrv-444m"},{"alias":"PYSEC-2021-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19870?format=json","purl":"pkg:pypi/httplib2@0.19.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.19.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/7882?format=json","purl":"pkg:pypi/httplib2@0.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7883?format=json","purl":"pkg:pypi/httplib2@0.7.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7884?format=json","purl":"pkg:pypi/httplib2@0.7.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7885?format=json","purl":"pkg:pypi/httplib2@0.7.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7886?format=json","purl":"pkg:pypi/httplib2@0.7.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7887?format=json","purl":"pkg:pypi/httplib2@0.7.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.5"},{"url":"http://public2.vulnerablecode.io/api/packages/7888?format=json","purl":"pkg:pypi/httplib2@0.7.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7889?format=json","purl":"pkg:pypi/httplib2@0.7.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.7.7"},{"url":"http://public2.vulnerablecode.io/api/packages/7890?format=json","purl":"pkg:pypi/httplib2@0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-eem4-2qxa-ufbk"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/7891?format=json","purl":"pkg:pypi/httplib2@0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/15715?format=json","purl":"pkg:pypi/httplib2@0.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/15716?format=json","purl":"pkg:pypi/httplib2@0.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/15717?format=json","purl":"pkg:pypi/httplib2@0.10.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.10.3"},{"url":"http://public2.vulnerablecode.io/api/packages/15718?format=json","purl":"pkg:pypi/httplib2@0.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15719?format=json","purl":"pkg:pypi/httplib2@0.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/15720?format=json","purl":"pkg:pypi/httplib2@0.11.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.11.3"},{"url":"http://public2.vulnerablecode.io/api/packages/15721?format=json","purl":"pkg:pypi/httplib2@0.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15722?format=json","purl":"pkg:pypi/httplib2@0.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/15723?format=json","purl":"pkg:pypi/httplib2@0.12.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.12.3"},{"url":"http://public2.vulnerablecode.io/api/packages/15724?format=json","purl":"pkg:pypi/httplib2@0.13.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.13.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15725?format=json","purl":"pkg:pypi/httplib2@0.13.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.13.1"},{"url":"http://public2.vulnerablecode.io/api/packages/15726?format=json","purl":"pkg:pypi/httplib2@0.14.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.14.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15727?format=json","purl":"pkg:pypi/httplib2@0.15.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.15.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15728?format=json","purl":"pkg:pypi/httplib2@0.16.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.16.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15729?format=json","purl":"pkg:pypi/httplib2@0.17.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.17.0"},{"url":"http://public2.vulnerablecode.io/api/packages/15730?format=json","purl":"pkg:pypi/httplib2@0.17.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.17.1"},{"url":"http://public2.vulnerablecode.io/api/packages/15731?format=json","purl":"pkg:pypi/httplib2@0.17.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.17.2"},{"url":"http://public2.vulnerablecode.io/api/packages/15732?format=json","purl":"pkg:pypi/httplib2@0.17.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.17.3"},{"url":"http://public2.vulnerablecode.io/api/packages/15733?format=json","purl":"pkg:pypi/httplib2@0.17.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92cy-sw95-63fb"},{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.17.4"},{"url":"http://public2.vulnerablecode.io/api/packages/15734?format=json","purl":"pkg:pypi/httplib2@0.18.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.18.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19869?format=json","purl":"pkg:pypi/httplib2@0.18.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8bw-2ukf-bbfg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/httplib2@0.18.1"}],"references":[{"reference_url":"https://github.com/httplib2/httplib2/commit/bd9ee252c8f099608019709e22c0d705e98d26bc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/httplib2/httplib2/commit/bd9ee252c8f099608019709e22c0d705e98d26bc"},{"reference_url":"https://github.com/httplib2/httplib2/pull/182","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/httplib2/httplib2/pull/182"},{"reference_url":"https://github.com/httplib2/httplib2/security/advisories/GHSA-93xj-8mrv-444m","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/httplib2/httplib2/security/advisories/GHSA-93xj-8mrv-444m"},{"reference_url":"https://pypi.org/project/httplib2","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.org/project/httplib2"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v8bw-2ukf-bbfg"}