Alerts This Week
Warning Icon 1 483
Alerts This Week
Warning Icon 1 483

Ubuntu 20.04 LTS USN-5812-1: Urllib3 Denial Of Service Risk

ubuntu
Calendar Grey January 19, 2023
Dist Ubuntu Esm H88
USN-5820-1 security alert addresses a python-requests denial of service flaw affecting Ubuntu platforms
urllib3 could be made to stop responding if it received specially crafted network traffic.

Summary

urllib3 could be made to stop responding if it received specially crafted

network traffic.

Software Description:

- python-urllib3: HTTP library with thread-safe connection pooling

Details:

It was discovered that urllib3 incorrectly handled certain characters

in URLs. A remote attacker could possibly use this issue to cause urllib3

to consume resources, leading to a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   python3-urllib3                 1.25.8-2ubuntu0.2

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5812-1

CVE-2021-33503

Severity
critical
Lowest
Low
Medium
High
Critical

January 19, 2023

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here