6

CVE-2026-0672

Header injection in http.cookies.Morsel

When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerPython Software Foundation
Produkt CPython
Default Statusunaffected
Version 0
Version < 3.10.20
Status affected
Version 3.11.0
Version < 3.11.15
Status affected
Version 3.12.0
Version < 3.12.13
Status affected
Version 3.13.0
Version < 3.13.12
Status affected
Version 3.14.0
Version < 3.14.3
Status affected
Version 3.15.0a1
Version < 3.15.0a6
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.317
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
cna@python.org 6 0 0
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-93 Improper Neutralization of CRLF Sequences ('CRLF Injection')

The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

https://github.com/python/cpython/pull/143920
https://github.com/python/cpython/issues/143919
https://mail.python.org/archives/list/security-announce@python.org/thread/6VFLQQEIX673KXKFUZXCUNE5AZOGZ45M/
https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70
https://github.com/python/cpython/commit/712452e6f1d4b9f7f8c4c92ebfcaac1705faa440
https://github.com/python/cpython/commit/62700107418eb2cca3fc88da036a243ea975f172
https://github.com/python/cpython/commit/7852d72b653fea0199acf5fc2a84f6f8b84eba8d
https://github.com/python/cpython/commit/918387e4912d12ffc166c8f2a38df92b6ec756ca
https://github.com/python/cpython/commit/b1869ff648bbee0717221d09e6deff46617f3e85