CVE-2021-3737

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-3737
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3737.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-3737
Aliases
Downstream
Related
Published
2022-03-04T19:15:08.730Z
Modified
2026-04-11T12:36:49.616606Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

Database specific 
{
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "last_affected": "22.1.3"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "22.1.1"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "22.2.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "14.04"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "16.04"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "18.04"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "20.04"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "21.04"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "33"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "34"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "6.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "7.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*"
        },
        {
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*"
        }
    ]
}
References

Affected packages

Git / github.com/python/cpython

Affected ranges

Type
GIT
Repo
https://github.com/python/cpython
Events
Introduced
5c4568a05a0a62b5947c55f68f9f2ecfb90a4f12
Fixed
9a0099d1bf14bce417370aae6d55527417cda354
Introduced
1bf9cc509326bc42cd8cb1650eb9bf64550d817e
Fixed
9da28d2b3429d1bb30e082e4c9cb544d81fdae20
Introduced
fa919fdf2583bdfead1df00e842f24f30b2a34bf
Fixed
c3ffbbdf3d5645ee07c22649f2028f9dffc762ba
Introduced
9cf6752276e6fcfd0c23fdb064ad27f448aaaf75
Fixed
db3ff76da19004f266b62e98a81bdfd322861436
Database specific 
{
    "extracted_events": [
        {
            "introduced": "3.6.0"
        },
        {
            "fixed": "3.6.14"
        },
        {
            "introduced": "3.7.0"
        },
        {
            "fixed": "3.7.11"
        },
        {
            "introduced": "3.8.0"
        },
        {
            "fixed": "3.8.11"
        },
        {
            "introduced": "3.9.0"
        },
        {
            "fixed": "3.9.6"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3737.json"