Bug ID 1180570
Summary VUL-0: CVE-2020-35678: python-autobahn: allows redirect header injection
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.1
Hardware Other
URL https://smash.suse.de/issue/274062/
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee steven.kowalik@suse.com
Reporter rfrohl@suse.com
QA Contact security-team@suse.de
CC dmueller@suse.com
Found By Security Response Team
Blocker ---

rh#1911314

Autobahn|Python before 20.12.3 allows redirect header injection.

Reference and upstream patch:
https://github.com/crossbario/autobahn-python/pull/1439

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1911314
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35678
https://access.redhat.com/security/cve/CVE-2020-35678
https://github.com/crossbario/autobahn-python/pull/1439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35678
https://github.com/crossbario/autobahn-python/compare/v20.12.2...v20.12.3
https://github.com/crossbario/autobahn-python
https://pypi.org/project/autobahn/20.12.3/
https://autobahn.readthedocs.io/en/latest/changelog.html


You are receiving this mail because: